Hackaday

This Week In Security: Getting Back Up To Speed

Over the course of nearly 300 posts, Jonathan Bennett set a very high bar for this column, so we knew it needed to be placed in the hands of somebody who could do it justice.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
Bleeping Computer

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a “double-lock” design for its update mechanism to address recently exploited security gaps that resulted in a supply-chain compromise. The new mechanism landed in Notepad++ ...
telecom.economictimes.indiatimes

Popular open-source coding application targeted in Chinese-linked supply-chain attack

A Chinese-linked cyberespionage group with a long history hijacked ⁠the update process for the popular code editing platform Notepad++ to deliver a custom backdoor and other malware to targeted users, ...
CSO Online

Notepad++ author says fixes make update mechanism ‘effectively unexploitable’

The recently compromised update mechanism for the popular open source text editor Notepad ++ has been hardened so it’s now ...
WJAC-TV on MSN

'Justice served:' Man gets decades in prison for deadly Hornerstown drive-by shooting

The man who pleaded guilty to pulling the trigger in a fatal shooting in Johnstown's Hornerstown neighborhood appeared in court on Thursday where he learned his ...
PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...

'I am going to kill the president': Man threatened to slit Trump's 'jugular' and watch the life leave 'his pathetic eyes' in DMs to Don Jr., feds say

A West Virginia man allegedly threatened to kill President Trump in DMs to Donald Trump Jr., which described how he would cut ...
The Register on MSN

Notepad++ declares hardened update process 'effectively unexploitable'

Miscreants will need to find another avenue for malware shenanigans Notepad++ has continued beefing up security with a release the project's author claims makes the "update process robust and ...
Que.com on MSN

Notepad++ hack, Office and ESXi zero-days fuel ransomware surge

A fresh wave of ransomware activity is being fueled by an uncomfortable mix of software supply-chain risk, rapidly weaponized zero-day ...
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed ...
National Basketball Association

SoFi Play-In Tournament history

A version of the SoFi Play-In Tournament has been in place since 2020, with the NBA officially adopting it 2022. From NBA.com Staff The Play-In Tournament was officially adopted as a full-time part of ...