Windows 11 Notepad flaw let files execute silently via Markdown links

Microsoft has fixed a "remote code execution" vulnerability in Windows 11 Notepad that allowed attackers to execute local or ...

Update Windows 11 Now: Major Notepad Flaw Fixed

Microsoft has patched a high-severity RCE vulnerability in the Windows 11 Notepad app that could allow attackers to silently execute malicious files ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

AI bot criticises engineer for rejecting its code, sparking concerns over AI bullying and safety

An AI bot publicly criticized a software engineer for rejecting its code, sparking debate about autonomous AI behavior. The ...

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Once-hobbled Lumma Stealer is back with lures that are hard to resist

“LummaStealer is back at scale, despite a major 2025 law-enforcement takedown that disrupted thousands of its command-and-control domains,” researchers from security firm Bitdefender wrote. “The ...

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

A hacker noticed the change in its status and hijacked the dead add-in and its 4.71-star rating to conduct a phishing campaign that the company which uncovered the attack, plug-in security company Koi ...