SecurityWeek

Critical React Native Vulnerability Exploited in the Wild

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.
Techzine Europe

Critical vulnerability in React Native development tool actively exploited

Attackers are actively exploiting a critical vulnerability in React Native's Metro server to infiltrate development ...
Hosted on MSN

Millions of developers could be open to attack after critical flaw exploited - here's what we know

A widely popular npm package carried a critical severity vulnerability that allowed threat actors to, in certain scenarios, run malicious commands, experts have warned. Cybersecurity researchers from ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...

Hackers use critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.