The Hacker News

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
Northcountrypublicradio.org

These were the most-borrowed books from public libraries in 2024

Many of the most-borrowed books in 2024, including 'romantasy' titles and memoirs, also appeared on public library lists in 2023. These were the most-borrowed books from public libraries in 2024 Some ...
InfoQ

Warper: Rust Powered React Virtualisation Library

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. Soroosh Khodami discusses why we aren't ready ...
NPR

Melinda French Gates reacts to new details about Bill Gates in the Epstein files

You can watch the full Wild Card interview here. Can't see the clip above? Watch it on YouTube. Melinda French Gates on Tuesday said that her ex-husband, Bill Gates, needs to answer for the behavior ...
Metro Weekly

Mamdani’s “Heated Rivalry” Pick Boosts Downloads by 529%

Electronic downloads of Heated Rivalry, the second novel in author Rachel Reid’s six-book Game Changer romance series, surged after New York City Mayor Zohran Mamdani name-dropped the book while ...
The Grio

Barack Obama, Kamala Harris react to murders of Rob Reiner and wife: ‘Fought for America’s democracy’

The world of politics is reacting to the shocking home killing of Hollywood director and producer Rob Reiner and his wife, Michele, on Sunday. Reiner was an Emmy Award-winning filmmaker with credits ...
financefeeds

Hackers Exploit JavaScript Library to Deploy Crypto Wallet Drainers

Hackers have exploited a flaw in the React JavaScript library to inject code that drains crypto wallets onto websites, primarily on cryptocurrency platforms. The React team released a patch on ...
Computer Weekly

Cyber teams on alert as React2Shell exploitation spreads

A remote code execution (RCE) vulnerability in the React JavaScript library, which earlier today caused disruption across the internet as Cloudflare pushed mitigations live on its network, is now ...
Dark Reading

React2Shell Vulnerability Under Attack From China-Nexus Groups

A critical vulnerability affecting the popular open source JavaScript library React is under attack — by none other by Chinese nation-state threat actors. CVE-2025-55182, which was disclosed Wednesday ...
Bleeping Computer

Critical React, Next.js flaw lets hackers execute code on servers

A maximum severity vulnerability, dubbed 'React2Shell', in the React Server Components (RSC) 'Flight' protocol allows remote code execution without authentication in React and Next.js applications.