#metro4shell

[ follow ]
#cve-2025-11953 #react-native-communitycli #remote-code-execution #react-native #supply-chain-security
Information security
fromThe Hacker News
20 hours ago

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

CVE-2025-11953 (Metro4Shell) is actively exploited to achieve unauthenticated remote command execution and deliver persistent, Rust-based malware via a PowerShell loader.
Information security
fromSecurityWeek
21 hours ago

Critical React Native Vulnerability Exploited in the Wild

Critical CVE-2025-11953 (Metro4Shell) in React Native's Community CLI/Metro is being actively exploited since December, exposing thousands of internet-accessible instances.
[ Load more ]