Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux. On Windows, an ...

Albeit mainly considered a theoretical risk, the flaw has been exploited to disable protections and deliver malware. Tracked as CVE-2025-11953 (CVSS score of 9.8) and disclosed in early November, the ...

Threat actors have been observed exploiting a critical security flaw impacting the Metro Development Server in the popular "@react-native-community/cli" npm package. Despite more than a month after ...

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems before a fix in version 20.0.0. A critical remote-code execution (RCE) flaw ...

Details have emerged about a now-patched critical security flaw in the popular "@react-native-community/cli" npm package that could be potentially exploited to run malicious operating system (OS) ...

Software supply chain security firm JFrog has disclosed the details of a critical vulnerability affecting a popular React Native NPM package. React Native is an open source framework designed for ...

What feature would you like to see? Is there a missing a feature that is supported on an underlying SDK? Or is there a feature that you think would be useful to have in React Native Firebase?

Moving away from namespaced API and matching as closely as possible the Firebase JS SDK modular (v9) API. Naturally, the native SDK specific API will remain which doesn't exist on the Firebase JS SDK.

An AI assistant is like power steering. The programmer, the driver, remains in control, and the tool magnifies that control. The developer types some code, and the assistant completes the function, ...

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...