The Hacker News

New React RSC Vulnerabilities Enable DoS and Source Code Exposure

The React team has released fixes for two new types of flaws in React Server Components (RSC) that, if successfully exploited ...
The Hacker News

React2Shell Exploitation Escalates into Large-Scale Global Attacks, Forcing Emergency Mitigation

CISA warns that attackers are actively exploiting the React2Shell CVE-2025-55182 flaw, urging fast patching across vulnerable ...
CoinDesk

New React bug that can drain all your tokens is impacting 'thousands of' websites

Attackers are using the vulnerability to deploy malware and crypto-mining software, compromising server resources and ...

Google clarifies canonicalization with JavaScript

Google added a section on canonicalization best practices for JavaScript to the JavaScript SEO best practices document.

Criminal IP Reveals Global React2Shell RCE Exposure Across React Server Components

React2Shell (CVE-2025-55182) is a critical vulnerability affecting the most widely used React-based services across the web ...

GhostPoster attacks hide malicious JavaScript in Firefox addon logos

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more ...
GitHub

The JavaScript bundler for React Native.

Metro is included with React Native — see the React Native docs to quickly get started ⏱️. To add Metro to an existing project, see our Getting Started guide. Metro was previously part of the ...
GitHub

Official Sentry SDKs for JavaScript

This is the next line of Sentry JavaScript SDKs, comprised in the @sentry/ namespace. It will provide a more convenient interface and improved consistency between various JavaScript environments. We ...