The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...

The Notepad++ website was hijacked by 'malicious actors' last year and security researchers are picking through the wreckage

It's believed that, between June and November 10/December 2, 2025 (independent security experts and its hosting provider disagree on the exact timings), a shared hosting server was compromised, ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.