The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
MoneyWeek

What Santander’s takeover of TSB means for customers

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Shareholders in the owner of TSB have approved the sale of the bank to Banco Santander, which ...
Twinfinite

Infinite Script Fighting Codes (February 2026)

After the latest Infinite Script Fighting codes? This Roblox RPG is all about killing endless waves of enemies, known as scripts, to gradually evolve your skills and level up. For a helping hand and ...