InfoWorld

Are you ready for JavaScript in 2026?

Strip the types and hotwire the HTML—and triple check your package security while you are at it. JavaScript in 2026 is just ...

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs, and government domains.
SecurityWeek

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

The majority of the 1.4 million React2Shell exploitation attempts GreyNoise saw in a week deployed cryptominers and reverse ...
CSO Online

Threat actors hijack web traffic after exploiting React2Shell vulnerability

Hijacking web traffic is an old tactic for threat actors. In fact David Shipley, head of Canadian security awareness training provider Beauceron Security, called these attacks on NGINX servers “a ...
The Register on MSN

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...