PCMag

Another Week, Another Data Disaster: Substack, Coinbase, and a Malicious Notepad++ Update

If you have accounts on any of these services, now's a good time to check your security settings. Plus more from a busy week ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
ExtremeTech

Notepad++ Says Chinese-State Hackers Spent Half a Year Hijacking Its Software Updates

Notepad++ released version 8.8.9 in December, which checks digital signatures and certificates before installing any updates.