
Metro4Shell: Active exploitation of critical React Native Metro bug raises global alarm
Read Our Expert Analysis
Create an account or login for free to unlock our expert analysis and key takeaways for this development.
By continuing, you agree to receive marketing communications and our weekly newsletter. You can opt-out at any time.
Recommended for you
React2Shell: Rapid, Large-Scale Exploitation Delivers Reverse Shells and XMRig Miners
A critical unauthenticated remote-execution flaw in React 19 (CVE-2025-55182) has been aggressively exploited, producing over 1.4 million attack attempts in a week and resulting in reverse shells and cryptocurrency-mining deployments. Defenders should combine urgent patching with network containment, WAF protections, and targeted hunts for post-exploitation artifacts while also checking exposed developer tooling and dependency integrity to reduce secondary attack surfaces.

Hackers Rapidly Exploit Critical BeyondTrust Remote-Access Flaw After PoC Emerges
A critical unauthenticated remote-code execution bug (CVE-2026-1731) in BeyondTrust Remote Support and Privileged Remote Access was probed and targeted within 24 hours of a public proof-of-concept, exposing thousands of internet-facing instances. Organizations should treat exposed BeyondTrust deployments as emergency patching and containment priorities, applying access restrictions, WAF/ACL rules, and focused threat-hunting while verifying remediation.
