❌

Reading view

↗️

Critical React Native Metro dev server bug under attack as researchers scream into the void

βœ‡The Register – Security
By: Jessica Lyons

Too slow react-ion time

Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware to both Windows and Linux machines, and yet the in-the-wild attacks still haven't received the "broad public acknowledgement" that they should, according to security researchers.…

  •  
  • ↗️
↗️

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

βœ‡The Register – Security
By: Jessica Lyons

The group targets telecoms, critical infrastructure - all the usual high-value orgs

Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update infrastructure to gain a foothold in high-value targets by delivering a newly identified backdoor dubbed Chrysalis.…

  •  
  • ↗️
❌