The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.
The Hacker News

Mozilla Adds One-Click Option to Disable Generative AI Features in Firefox

Mozilla will release Firefox 148 with a new settings toggle that lets users completely turn off all current and future generative AI features.