Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React ...

A widely popular npm package carried a critical severity vulnerability that allowed threat actors to, in certain scenarios, ...

The vulnerability, tracked as CVE-2025-11953, carries a CVSS score of 9.8 out of a maximum of 10.0, indicating critical severity. It also affects the "@react-native-community/cli-server-api" package ...

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...

Security researchers at software supply chain company JFrog Ltd. today revealed details of a critical vulnerability in React, ...

A severe vulnerability was discovered in the React Native Community CLI, a popular open-source package downloaded nearly two million times every week by developers building cross-platform applications ...

Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with content, and download exclusive resources. This article dives into the happens-before ...

Microsoft today announced a new open-source project for React Native developers who want to target Windows. “React Native for Windows,” as the project is unsurprisingly called, is meant to be a new ...

Facebook and Microsoft are working together to support React Native Windows and macOS. Facebook's desktop Messenger app on Windows and macOS is built with React Native. A new sub-team at Facebook is ...

Microsoft's React Native for Windows dev team announced an update in which the developer experience was improved in part by "dogfooding," referring to the practice of teams using the very same ...