Chapters
00:00:00 - Intro
00:03:42 - ssh terminal.shop
00:04:16 - Notepad Exploit
00:14:47 - Notepad++ Exploit
00:30:16 - Outro

https://twitch.tv/ThePrimeagen - I Stream on Twitch

https://twitter.com/terminaldotshop - Want to order coffee over SSH?
ssh terminal.shop

Become Backend Dev: https://boot.dev/prime
(plus i make courses for them)

This is also the best way to support me is to support yourself becoming a better backend engineer.  

Great News?  Want me to research and create video????: https://www.reddit.com/r/ThePrimeagen

Kinesis Advantage 360: https://bit.ly/Prime-Kinesis


The crew talks about one of the biggest debates in programming right now: do lines of code actually matter? They dive into AI coding tools, developer productivity, and why measuring engineers by code output might be completely broken. Along the way they roast the viral “burned out my USB-C ports using Claude Code” tweet, share stories about gamifying developer metrics, and break down some surprisingly wild security vulnerabilities in both Windows Notepad and Notepad++. A mix of tech insight, developer culture, and plenty of chaos.

Primeagen's resource offers insights, tutorials, and resources for software developers and technology enthusiasts. Readers can learn about productivity hacks, career development strategies, and personal growth. With articles, videos, and practical advice, Primeagen provides  guidance and expertise for achieving professional success and fulfillment.

ThePrimeTime

A podcast discussion covering two recent security exploits in Windows text editors. The first involves Microsoft Notepad, which added markdown parsing and used ShellExecuteExW to open links without sanitization, allowing arbitrary code execution via crafted file:// URLs in markdown links. The second, more serious exploit targeted Notepad++ users: state-sponsored attackers compromised the WinGUp auto-updater's hosting server, then selectively served a malicious update only to high-value IP targets. The malicious package included a legitimate BitDefender executable renamed as a Bluetooth service, with its DLLs replaced by exploit payloads — a sophisticated DLL hijacking attack that was extremely difficult to detect due to its targeted nature.

Why is Microsoft updating their text editors!? | TheStandup