Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Cybersecurity company VulnChecksaid it first observed exploitation of CVE-2025-11953 aka Metro4Shell on December 21, 2025. With a...

Fake Booking Emails Redirect Hotel Staff to Fake BSoD Pages Delivering DCRat

--- Source: Securonix Cybersecurity researchers have disclosed details of a new campaign dubbed PHALTBLYX that has leveraged ClickFix-style lures to display fixes for fake blue screen of death BSoD errors in attacks targeting the European hospitality sector. The end goal of the multi-stage campai...

ComicForm and SectorJ149 Hackers Deploy Formbook Malware in Eurasian Cyberattacks

Organizations in Belarus, Kazakhstan, and Russia have emerged as the target of a phishing campaign undertaken by a previously undocumented hacking group called ComicForm since at least April 2025. The activity primarily targeted industrial, financial, tourism, biotechnology, research, and trade...

Malicious code in telepycore (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dcd0a2a8162a703ef9d7b90566e4c55116a7f4f4d3b8759ca0d2640acd4ee4 Package can only be used requires additional triggering to install a remote executable, ensure it starts on logon and name mimic network service. Though...

MAL-2025-191833 Malicious code in pydefender (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a1e2cc2d94eff74e302118c35c34f87e76175fe507facbe21c29883960c8223e setup.py is prepared to download and run an obfuscated batch script. While the script is not detected by any AV currently, in the sandbox analysis it reveals...