Metro4Shell: Critical React Native CLI Vulnerability Actively Exploited Against Developers
CVE-2025-11953 in React Native CLI's Metro Development Server is being exploited in the wild to deploy Rust-based malware on developer systems, with attacks observed since December 2025.