The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Hackers exploit critical telnetd auth bypass flaw to get root

A coordinated campaign has been observed targeting a recently disclosed critical-severity vulnerability that has been present ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
CSO Online

Threat actors hijack web traffic after exploiting React2Shell vulnerability

Hijacking web traffic is an old tactic for threat actors. In fact David Shipley, head of Canadian security awareness training ...

Hackers hijack exposed LLM endpoints in Bizarre Bazaar operation

A malicious campaign is actively targeting exposed LLM (Large Language Model) service endpoints to commercialize unauthorized ...
SecurityWeek

Organizations Warned of Exploited Linux Vulnerabilities

CISA has added to the KEV catalog two Linux vulnerabilities leading to privilege escalation and authentication bypass via ...
Hosted on MSN

Microsoft Copilot reprompt exploit allowed attackers to steal your AI data

Data security research firm Varonis Threat Labs has published a report that details an exploit it calls "Reprompt" that allowed attackers to silently steal your personal data via Microsoft Copilot.