#mobile-app-security

[ follow ]
#cybersecurity #vulnerabilities #malware #vulnerability #apple #privacy #ai #data-breach #mobile-security
Privacy professionals
fromFast Company
22 hours ago

How to hide your sensitive info (for real) when using ChatGPT and other AI chatbots

Chatbots can be useful for summarizing complex information, but sensitive data must be properly redacted to ensure privacy.
#apple
Apple
fromTheregister
1 day ago

Apple is working on passcode bug locking out iPhone users

Apple is addressing a bug that locked users out of iPhones due to a missing Czech keyboard character.
Apple
fromTechCrunch
4 days ago

How vibe coding app Anything is rebuilding after getting booted from the App Store twice | TechCrunch

Apple is blocking updates and removing vibe coding apps from the App Store, citing developer agreement violations.
Apple
fromTheregister
1 day ago

Apple is working on passcode bug locking out iPhone users

Apple is addressing a bug that locked users out of iPhones due to a missing Czech keyboard character.
Apple
fromTechCrunch
4 days ago

How vibe coding app Anything is rebuilding after getting booted from the App Store twice | TechCrunch

Apple is blocking updates and removing vibe coding apps from the App Store, citing developer agreement violations.
more#apple
#privacy
Privacy technologies
fromComputerWeekly.com
1 day ago

Privacy, power, and encryption: why end-to-end security matters | Computer Weekly

Privacy is a fundamental human condition, and end-to-end encryption is essential for protecting communications in a surveillance-heavy world.
more#privacy
Artificial intelligence
fromTechRepublic
1 day ago

AI Upgrades, Security Breaches, and Industry Shifts Define This Week in Tech - TechRepublic

AI innovation and security threats are reshaping technology and corporate strategies across various platforms and applications.
#age-verification
EU data protection
fromWIRED
2 days ago

Europe's Online Age Verification App Is Here

The European online age verification app ensures anonymous age verification using ID cards or passports, protecting children from harmful content.
Privacy technologies
fromThe Verge
2 days ago

Age verification is a mess but we're doing it anyway

Age verification methods on the internet are flawed, leading to challenges in effectively preventing underage access to inappropriate content.
EU data protection
fromWIRED
2 days ago

Europe's Online Age Verification App Is Here

The European online age verification app ensures anonymous age verification using ID cards or passports, protecting children from harmful content.
Privacy technologies
fromThe Verge
2 days ago

Age verification is a mess but we're doing it anyway

Age verification methods on the internet are flawed, leading to challenges in effectively preventing underage access to inappropriate content.
more#age-verification
Python
fromTalkpython
2 days ago

OWASP Top 10 (2025 List) for Python Devs

The OWASP Top 10 has been updated with significant changes including supply chain attacks and exceptional condition handling.
Venture
fromSecurityWeek
3 days ago

Capsule Security Emerges From Stealth With $7 Million in Funding

Capsule Security provides a security layer for AI agents to prevent manipulation and ensure safe operations.
Games
fromTechCrunch
4 days ago

How the rewards app Freecash scammed its way to the top of the app stores | TechCrunch

Freecash misled users by promoting itself as a money-making app while harvesting sensitive data.
#mirax
Information security
fromSecurityWeek
3 days ago

Mirax RAT Targeting Android Users in Europe

A new remote access trojan named Mirax targets Android users in Europe, enabling extensive control and data theft through sophisticated techniques.
Information security
fromSecurityWeek
3 days ago

Mirax RAT Targeting Android Users in Europe

A new remote access trojan named Mirax targets Android users in Europe, enabling extensive control and data theft through sophisticated techniques.
more#mirax
Digital life
fromwww.dw.com
4 days ago

Dangerous Apps In the Web of Data Brokers

Smartphone apps collect detailed location data, often shared with data brokers, posing security risks to users, including soldiers and government officials.
Information security
fromSecurityWeek
21 hours ago

Tycoon 2FA Loses Phishing Kit Crown Amid Surge in Attacks

Threat actors have shifted to new phishing platforms after Tycoon 2FA's disruption, reusing its tools and increasing overall phishing attacks.
Privacy professionals
fromGSMArena.com
21 hours ago

India drops proposal to make smartphone brands pre-install unique ID app Aadhaar on their devices

The Indian government has rejected a proposal to mandate pre-installation of the Aadhaar app on smartphones due to security and cost concerns.
#cybersecurity
fromTechCrunch
1 day ago
Information security

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Information security
fromSecurityWeek
1 day ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.
Privacy technologies
fromYahoo Tech
1 week ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Information security
fromThe Hacker News
4 days ago

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

A cluster of 108 malicious Chrome extensions collects user data and injects ads, compromising browser security.
Software development
fromTheregister
2 days ago

Claude Opus wrote a Chrome exploit for $2,283

Anthropic withheld its Mythos model due to security concerns, while Opus 4.6 was used to create a functional exploit for Chrome's V8 engine.
Information security
fromTechCrunch
1 day ago

Hackers are abusing unpatched Windows security flaws to hack into organizations | TechCrunch

Hackers exploited Windows vulnerabilities published by a researcher, affecting Windows Defender and allowing high-level access.
Information security
fromSecurityWeek
1 day ago

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

Senate legislation aims to enhance satellite cybersecurity amid rising threats and vulnerabilities in commercial satellite signals.
Privacy technologies
fromYahoo Tech
1 week ago

Hackers Are Using Your Home Router to Spy on Microsoft 365 Users

Russian spies exploited consumer routers to steal Microsoft 365 credentials from thousands of users, turning home devices into espionage tools.
Information security
fromThe Hacker News
4 days ago

108 Malicious Chrome Extensions Steal Google and Telegram Data, Affecting 20,000 Users

A cluster of 108 malicious Chrome extensions collects user data and injects ads, compromising browser security.
more#cybersecurity
fromMacRumors
2 days ago

iPhone Loyalty Hits 96.4% as Android Users Four Times More Likely to Switch

According to the survey, 96.4% of iPhone users plan to stick with Apple for their next upgrade, a rise from 91.9% in 2021 and 90.5% in 2019.
Apple
fromwww.socialmediatoday.com
4 days ago

Grok faced potential removal from the App Store

Apple privately threatened to remove Elon Musk's artificial intelligence app, Grok, from its App Store in January after Musk's xAI failed to do enough to stop it from creating nude or sexualized deepfakes.
Artificial intelligence
#ransomware
EU data protection
fromTheregister
3 days ago

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.
EU data protection
fromTheregister
3 days ago

Autovista blames ransomware for service disruption

Autovista is addressing a ransomware infection affecting its systems in Europe and Australia, prioritizing the secure restoration of impacted applications.
more#ransomware
#data-breach
fromTechCrunch
5 days ago
Information security

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Information security
fromSecuritymagazine
4 days ago

McGraw Hill Data Breach Caused by Salesforce Misconfiguration

McGraw Hill experienced a data breach linked to a Salesforce misconfiguration, with ShinyHunters claiming to have stolen 45 million records.
Information security
fromTechCrunch
5 days ago

Hack at Anodot leaves over a dozen breached companies facing extortion | TechCrunch

Hackers stole data from multiple companies after breaching Anodot, exposing customers to extortion and potential data publication.
more#data-breach
Privacy technologies
fromMail Online
2 days ago

Is YOUR phone safe? Facial recognition on 21 devices can be spoofed

Facial recognition on many mobile phones can be easily fooled by printed photos, posing security risks for users.
Software development
fromZDNET
3 days ago

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

Cal is shifting from open source to proprietary licensing due to security risks posed by modern AI tools.
#north-korea
fromComputerWeekly.com
1 day ago
Information security

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
Information security
fromComputerWeekly.com
1 day ago

North Korean social engineering campaign targets macOS users | Computer Weekly

A North Korean campaign targeting macOS users tricked victims into executing malicious files, leading to credential and data theft.
more#north-korea
Privacy technologies
from404 Media
2 days ago

App Stores Push Users Toward Nudify Apps, New Research Shows

Google and Apple's app stores actively promote harmful nudify and undress apps, contrary to their stated policies.
fromTheregister
6 days ago

Apple update turns Czech mate for locked-out iPhone user

"The phone's very cracked, so, at this point, the photos contained in it are more valuable than the ability to use the phone itself. They're the main data that I care about and haven't backed up."
Apple
#nist
Information security
fromComputerWeekly.com
1 day ago

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.
Information security
fromComputerWeekly.com
1 day ago

Surging CVE disclosures force NIST to shake up workflows | Computer Weekly

NIST is changing its approach to handling CVEs, focusing on those with the greatest potential impact due to increased submissions.
more#nist
Privacy professionals
fromFast Company
1 week ago

This iPhone trick lets you use ChatGPT without the privacy risks

Using AI chatbots poses risks to privacy and data security, but Siri can help mask identity when accessing ChatGPT on iPhones.
Privacy technologies
fromThe Hacker News
1 day ago

Google Blocks 8.3B Policy-Violating Ads in 2025, Launches Android 17 Privacy Overhaul

Google announced Play policy updates to enhance user privacy and combat fraud, including new contact and location permission features.
Software development
fromDevOps.com
1 week ago

Appknox Adds AI Tool to Detect and Fix Vulnerabilities in Mobile Applications - DevOps.com

Appknox introduces AI to assess mobile app vulnerabilities and recommend fixes, enhancing the patching process for software engineering teams.
#malware
Information security
fromTechRepublic
1 day ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
fromSecurityWeek
3 days ago
Information security

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.
Information security
fromTechRepublic
1 day ago

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Attackers are exploiting n8n workflows to deliver malware while evading detection and blending into normal business activities.
Information security
fromSecurityWeek
3 days ago

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A sophisticated threat disguised as adware compromised over 25,000 endpoints, allowing silent control through an unregistered domain.
more#malware
Privacy technologies
fromwww.bbc.com
1 day ago

Tinder and Zoom offer 'proof of humanity' eye-scans to combat AI

Tinder will implement eye-scanning technology to verify users as human, addressing concerns over AI-generated fake profiles.
Information security
fromBusiness Matters
2 days ago

Why Trust and Verification Are Critical for Modern Online Platform Businesses

Trust is essential yet fragile in the digital economy, with platforms facing increasing challenges from sophisticated online scams.
#nudify-apps
Privacy technologies
fromEngadget
3 days ago

Apple and Google are reportedly pointing users to nudify apps

Apple and Google continue to promote nudify apps despite policies against such content, raising concerns about their enforcement and user safety.
Privacy technologies
fromDigital Trends
2 days ago

Damning report finds Apple and Google's app stores boosting nudify apps

Apple and Google are promoting harmful nudify apps through their search and advertising systems, despite policies against adult content.
Privacy technologies
fromEngadget
3 days ago

Apple and Google are reportedly pointing users to nudify apps

Apple and Google continue to promote nudify apps despite policies against such content, raising concerns about their enforcement and user safety.
Privacy technologies
fromDigital Trends
2 days ago

Damning report finds Apple and Google's app stores boosting nudify apps

Apple and Google are promoting harmful nudify apps through their search and advertising systems, despite policies against adult content.
more#nudify-apps
#apache-activemq
Information security
fromSecurityWeek
1 day ago

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.
Information security
fromThe Hacker News
2 days ago

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.
Information security
fromSecurityWeek
1 day ago

Recent Apache ActiveMQ Vulnerability Exploited in the Wild

A vulnerability in Apache ActiveMQ Classic, CVE-2026-34197, is being actively exploited, requiring immediate patching by organizations.
Information security
fromThe Hacker News
2 days ago

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

A high-severity security flaw in Apache ActiveMQ Classic, CVE-2026-34197, is actively exploited, requiring urgent fixes by April 30, 2026.
more#apache-activemq
Privacy technologies
fromPetaPixel
2 days ago

Apple and Google Direct Users to AI 'Nudify' Apps: Report

Apple and Google facilitate access to nudify apps that create deepfake nude images despite policies against nonconsensual sexualized content.
Information security
fromDevOps.com
1 day ago

The Open Source Trap: Why Trust Isn't a Security Strategy - DevOps.com

The software supply chain is vulnerable due to reliance on under-resourced open source maintainers, requiring active organizational support for security.
Information security
fromThe Hacker News
1 day ago

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

Threat actors are exploiting three vulnerabilities in Microsoft Defender for elevated privileges, with one flaw already addressed by Microsoft.
Privacy technologies
fromThe Verge
3 days ago

Microsoft faces fresh Windows Recall security concerns

A new tool, TotalRecall Reloaded, extracts data from Microsoft's redesigned Recall feature, raising ongoing security and privacy concerns.
Information security
fromArs Technica
1 day ago

Recent advances push Big Tech closer to the Q-Day danger zone

Organizations are transitioning to new algorithms to replace RSA and elliptic curves due to vulnerabilities exposed by quantum computing threats.
#gmail
Privacy technologies
fromTechRepublic
5 days ago

Google Rolls Out End-to-End Encryption to Eligible Gmail Users on Mobile

Gmail now offers end-to-end encryption for mobile devices, enhancing email privacy for eligible Google Workspace users.
Information security
fromSecurityWeek
5 days ago

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Google introduces end-to-end encryption in Gmail for enterprise users on mobile devices, enhancing privacy and security for email communications.
Privacy technologies
fromTechRepublic
5 days ago

Google Rolls Out End-to-End Encryption to Eligible Gmail Users on Mobile

Gmail now offers end-to-end encryption for mobile devices, enhancing email privacy for eligible Google Workspace users.
Information security
fromSecurityWeek
5 days ago

Gmail Brings End-to-End Encryption to Android and iOS for Enterprise Users

Google introduces end-to-end encryption in Gmail for enterprise users on mobile devices, enhancing privacy and security for email communications.
more#gmail
Information security
fromComputerWeekly.com
2 days ago

Cyber Essentials closes the MFA loophole but leaves some organisations adrift | Computer Weekly

Multi-factor authentication becomes mandatory under Cyber Essentials v3.3, with no exceptions for organizations failing to implement it.
#cisco
Information security
fromThe Hacker News
2 days ago

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.
Information security
fromThe Hacker News
2 days ago

Cisco Patches Four Critical Identity Services, Webex Flaws Enabling Code Execution

Cisco has released patches for four critical security vulnerabilities in Identity Services and Webex Services that could allow unauthorized access and code execution.
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical Vulnerabilities in Webex, ISE

Cisco patched 15 vulnerabilities, including critical flaws in Webex and Identity Services Engine, allowing potential unauthorized access and command execution.
more#cisco
Information security
fromTheregister
3 days ago

Critical Fortinet sandbox bugs allow auth bypass and RCE

Two critical vulnerabilities in Fortinet's sandbox allow unauthenticated attackers to bypass authentication or execute unauthorized code.
Information security
fromSecurityWeek
4 days ago

ICS Patch Tuesday: 8 Industrial Giants Publish New Security Advisories

Multiple industrial giants have released new ICS security advisories addressing various vulnerabilities since the last Patch Tuesday.
Privacy technologies
fromZDNET
3 weeks ago

5 telltale signs that your phone has been compromised (and how to combat them)

Phone hacking can be detected through signs like battery drain, slow performance, unfamiliar logins, and reduced storage space.
Information security
fromTheregister
3 days ago

Ancient Excel bug comes out of retirement for active attacks

A 17-year-old critical Excel vulnerability is actively being exploited, prompting CISA to issue a patch deadline for federal agencies.
#ai
Information security
fromTechzine Global
4 days ago

GPT-5.4-Cyber aims to further embed AI in cybersecurity

OpenAI's GPT-5.4-Cyber enhances generative AI for cybersecurity, focusing on defensive applications and providing trusted users with advanced capabilities.
Information security
fromTechzine Global
5 days ago

Runtime security becomes critical as AI accelerates threats

Artificial intelligence accelerates innovation and cyber threats, necessitating a focus on runtime security for effective enterprise protection.
more#ai
Information security
fromSecurityWeek
3 days ago

100 Chrome Extensions Steal User Data, Create Backdoor

Over 20,000 users installed malicious Chrome extensions that steal information, provide backdoors, or inject ads, as reported by cybersecurity firm Socket.
#adobe
Information security
fromTechRepublic
4 days ago

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.
Information security
fromSecurityWeek
4 days ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
Information security
fromTechRepublic
4 days ago

Adobe Issues Emergency Patch for Critical PDF Flaw Exploited For Months

Adobe released an emergency patch for a critical vulnerability in its products, exploited since December 2025, with a CVSS score of 8.6.
Information security
fromSecurityWeek
4 days ago

Adobe Patches 55 Vulnerabilities Across 11 Products

Adobe's Patch Tuesday updates address 55 vulnerabilities across 11 products, with critical ColdFusion flaws requiring immediate attention.
more#adobe
Information security
fromSecurityWeek
4 days ago

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA expanded its Known Exploited Vulnerabilities catalog with seven new vulnerabilities, including critical Windows and Adobe flaws.
Information security
fromThe Hacker News
4 days ago

Analysis of 216M Security Findings Shows a 4x Increase In Critical Risk (2026 Report)

Critical risk findings surged by nearly 400% amid a 52% increase in raw alert volume, driven by AI-assisted development.
Privacy professionals
fromSocial Media Today
2 months ago

WhatsApp Adds Advanced Security Setting to Counter OS Level Attacks

WhatsApp added Strict Account Settings to block attachments and media from non-contacts and deployed Rust-based safeguards to protect against rare media-processing spyware.
Information security
fromTechzine Global
5 days ago

Adobe patches vulnerability that steals data via PDFs

A sophisticated attack exploits a vulnerability in Adobe Reader via malicious PDF files to gather sensitive information and potentially execute arbitrary code.
Information security
fromTechRepublic
1 week ago

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A critical flaw in the EngageLab SDK allowed malicious apps to exploit trusted permissions, affecting over 50 million Android users.
Information security
fromSecurityWeek
1 week ago

Google API Keys in Android Apps Expose Gemini Endpoints to Unauthorized Access

Google API keys in Android apps can be exploited to access Gemini AI endpoints, risking personal data exposure.
Information security
fromThe Hacker News
1 week ago

EngageLab SDK Flaw Exposed 50M Android Users, Including 30M Crypto Wallets

A security vulnerability in EngageLab SDK could have exposed millions of cryptocurrency wallet users to unauthorized data access.
Information security
fromThe Hacker News
1 week ago

The Hidden Cost of Recurring Credential Incidents

Credential incidents cause significant operational costs and disruptions, impacting IT teams and overall business productivity beyond just breach prevention.
#mobile-security
Information security
fromSecurityWeek
2 weeks ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
fromZDNET
1 month ago
Information security

Phone acting weird? 5 red flags that could point to hackers

Unusual battery drain, slow performance, unfamiliar logins, and reduced storage are common signs that a mobile phone may be infected with spyware.
Information security
fromSecurityWeek
2 weeks ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
more#mobile-security
fromZDNET
2 months ago

Is spyware hiding on your phone? How to find out and remove it - fast

Spyware is one of the top threats to your mobile security and can severely impact your handset's performance if you are unlucky enough to become infected. It is a type of malware that typically lands on your iPhone or Android phone through malicious mobile apps or through phishing links, emails, and messages. While appearing to be a legitimate software package or useful utility, spyware will operate quietly in the background to monitor your movements,
Privacy technologies
fromTech Advisor
2 months ago

Your phone is covertly sharing your data at night! How to stop it

The data that a smartphone transmits in a continuous loop can be divided into two categories: legitimate data that maintains the functionality of the device, and sensitive data that is used for tracking, advertising and other purposes. It is not always clear which data falls into which category. For example, if your device sends diagnostic data and reports to the manufacturer or app developers, this may be necessary and important. However, it usually also requires your consent.
Privacy technologies
#iphone-security
Information security
fromArs Technica
1 month ago

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.
Information security
fromWIRED
1 month ago

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.
Information security
fromArs Technica
1 month ago

Hundreds of millions of iPhones can be hacked with a new tool found in the wild

DarkSword, a sophisticated iPhone hacking technique discovered in use by Russian hackers, can silently compromise hundreds of millions of iOS devices running older operating system versions through infected websites.
Information security
fromWIRED
1 month ago

Hundreds of Millions of iPhones Can Be Hacked With a New Tool Found in the Wild

A sophisticated iPhone hacking technique called DarkSword enables attackers to silently compromise iOS devices through infected websites, affecting hundreds of millions of users running older iOS versions.
more#iphone-security
Information security
fromMail Online
1 month ago

Warning to iPhone users over hacking tool tied to government spyware

Coruna spyware targets iPhones running iOS versions from 2019 to late 2023, exploiting over 20 vulnerabilities to steal sensitive data without user awareness.
Information security
fromSecurityWeek
2 months ago

Critical React Native Vulnerability Exploited in the Wild

Critical CVE-2025-11953 (Metro4Shell) in React Native's Community CLI/Metro is being actively exploited since December, exposing thousands of internet-accessible instances.
[ Load more ]