The Register on MSN

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...
UVA Today

Why do people lose their minds over typefaces and fonts?

That was on display last month when the U.S. State Department announced it was returning to Times New Roman from the previously mandated Calibri. And who can forget the dustup over Comic Sans, the ...
Los Angeles Times

Native people refuse to be erased from America’s past, present or future

This is read by an automated voice. Please report any issues or inconsistencies here. President Trump seems determined to transform America into a straight white Christian nation. He filters our ...
CBS News

Dozens of Native Americans report being questioned or detained by ICE

As President Donald Trump's immigration crackdown continues, one community says they've felt unfairly targeted. This year, the Navajo Nation said dozens of Native Americans have been questioned or ...
PBS

Why Native Americans are facing high rates of mental decline

It’s estimated that around 7 million Americans have Alzheimer’s disease, a number that’s expected to double by 2060. But researchers have found that some of the highest rates of cognitive impairment ...
Bleeping Computer

React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable

Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...
Ars Technica

Admins and defenders gird themselves against maximum-severity server vuln

Security defenders are girding themselves in response to the disclosure of a maximum-severity vulnerability disclosed Wednesday in React Server, an open-source package that’s widely used by websites ...
InfoWorld

Developers urged to immediately upgrade React, Next.js

Critical vulnerability in React library should be treated by IT as they did Log4j - as an emergency, warns one expert. Developers using the React 19 library for building application interfaces are ...
GitHub

[iOS]: App Extension in new architecture works - but Fabric Text Renderer does not respect any font styles

We are currently porting our react-native app from 0.7x to 0.8x, including our app extension to the new architecture which makes use of fabric rendering. We are glad the app extension is now running ...
CSOonline

Flaw in React Native CLI opens dev servers to attacks

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0. A critical remote-code execution (RCE) flaw ...