Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
CSO Online

Shai-Hulud & Co.: The software supply chain as Achilles’ heel

The threat situation in the software supply chain is intensifying. Securing it belongs at the top of the CISO’s agenda.

Hackers exploit critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.
SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.
SecurityWeek

Critical React Native Vulnerability Exploited in the Wild

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.
The Register on MSN

Critical React Native Metro dev server bug under attack as researchers scream into the void

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...
Infosecurity Magazine

Hundreds of Malicious Crypto Trading Addons Found in Moltbot/OpenClaw

A security researcher found 386 malicious ‘skills’ published on ClawHub, a skill repository for the popular OpenClaw AI assistant project ...
Technobezz on MSN

AWS fixed a critical CodeBuild flaw that exposed GitHub repositories

AWS patched a critical CodeBuild flaw that risked GitHub repository hijacking and potential supply chain attacks via the AWS Management Console..