Critical React Native Metro dev server bug under attack as researchers scream into the void

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux ...
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.
SecurityWeek

Critical React Native Vulnerability Exploited in the Wild

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
Arabian Post on MSN

Chollima hackers expand phishing with stealth LNK malware

A coordinated cyber-espionage campaign attributed to the Chollima advanced persistent threat group has drawn attention from ...