The Hacker News

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

APT28 exploited CVE-2026-21513, an MSHTML zero-day (CVSS 8.8), using malicious LNK files to bypass security controls and execute code.
PC World

Windows Notepad gets image support, becoming even more like WordPad

PCWorld reports that Microsoft is adding image support to Windows Notepad, a feature previously exclusive to WordPad, with an image button appearing in the toolbar. The enhancement is currently in ...
Futurism

Microsoft Added AI to Notepad and It Created a Security Failure Because the AI Was Stupidly Easy for Hackers to Trick

As Microsoft continues to force AI features onto users of its Windows operating system and other crucial software, glaring issues keep cropping up. Executives have promised to turn the platform into ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
TechSpot

Unwanted AI upgrade to Windows Notepad created a serious security flaw

The big picture: Microsoft released its latest Patch Tuesday update this week with 59 hotfixes across Windows, Microsoft Office, Azure, and core system components. The update includes patches for six ...
TweakTown

Extra features for Windows 11 Notepad go beyond worries about bloat, as new security flaw shows

TL;DR: Windows 11's Notepad app has a security flaw rated as a 'high' severity vulnerability, one that allows for remote code execution. The good news is that it's already been patched by Microsoft, ...
Yahoo

Annual governors' gathering with White House unraveling after Trump excludes Democrats

Add Yahoo as a preferred source to see more of our stories on Google. WASHINGTON (AP) — An annual meeting of the nation’s governors that has long served as a rare bipartisan gathering is unraveling ...
Engadget

Notepad++ says it was hijacked by Chinese state-sponsored hackers

Last year, the creator of Notepad++ rolled out an update for the text and source code editor after security experts reported that bad actors were hijacking its update mechanism to redirect traffic to ...
TweakTown

Notepad++ hack detailed - and what to do if you think you might be affected

TL;DR: Notepad++ was compromised for six months, but it wasn't the software itself which the exploit leveraged, but its hosting provider. An investigation into the attack has just been concluded with ...
Yahoo

Notepad++ says Chinese government hackers hijacked its software updates for months

The developer of the popular open source text editor Notepad++ has confirmed that hackers hijacked the software to deliver malicious updates to users over the course of several months in 2025. In a ...
Ars Technica

Notepad++ users take note: It’s time to check if you’re hacked

Infrastructure delivering updates for Notepad++—a widely used text editor for Windows—was compromised for six months by suspected China-state hackers who used their control to deliver backdoored ...