do not click on markdown
in notepad. It’s ok to click on markdown here in your brower because I’m just letting you know not to click on markdown 
new CVE
Look inside
Its unsanitized text input
We may be laughing now, but Microslop is going to roll out 10-factor authentication on Shithub because of this.
for security reasons your readme must be in docx format
.DOCM None of that macro free bs
Shithub
What are good alternatives if any
codeberg and gitlab come to mind
Forgejo is really easy to operate if you already have a server.
Codeberg is a large public Forgejo instance.
There is also https://tangled.org/ which I’ve meant to look into for a while but never gotten around to. I think it’s promising but it’s still alpha software. Forgejo and Gitea before it have been around for almost 10 years altogether.
deleted by creator
So AI slop coding is going great!
win11 shitty notepad or all notepad?
The former. Classic notepad would never support clickable links
The US has lost the AI race.
wtf version of notepad even lets you create clickable hyperlinks in the first place?
My main uses for notepad:
Second clipboard I can paste stuff into without worrying about consequences.
Paste formatted text into notepad and copy it immediately to strip away formatting.
You can paste without formatting with ctrl + shift + V
✨ sometimes ✨
deleted by creator
Depending on the browser settings, the content of the URL bar get sent to Google even without hitting enter.
deleted by creator
It’s just a bad practice and it doesn’t really matter which search engine.
It also wouldn’t surprise me if browsers send it to the DNS server which is an unencrypted request. But I don’t know that.
deleted by creator
I just don’t paste stuff into networked applications if I don’t have to, ok?
hilarious
or maybe it was just a backdoor that the wrong person noticed
The 3 people who reported it are:
Cristian Papa, Romanian in Romania,
Alasdair Gorniak, slav (?) in the UK,
Chen, Chinese person, https://x.com/chen9918b/status/2015688020356407548, “Chinese history and culture enthusiasts & market analysis”its so over for the Amerikkkans. Can’t even install remote code execution backdoors in peace.
The Windows Notepad app has a glaring vulnerability. It sends all your contained data to some Microsoft AI if you click the wrong button.
I’m not a tech guy so I don’t know why I - cough - clicked the link. I assumed I wouldn’t be able to understand anything. But after taking a ~10 second gander at the page I saw this and it made me laugh.
How could an attacker exploit this vulnerability?
An attacker could trick a user into clicking a malicious link inside a Markdown file opened in Notepad, causing the application to launch unverified protocols that load and execute remote files.
