CSO Online

RCE in React Native CLI opens Dev Servers to attacks

The bug exposes the Metro development server to remote attacks, allowing arbitrary OS command execution on developer systems ...
Infosecurity Magazine

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

Three of Anthropic’s Claude Desktop extensions were vulnerable to command injection – flaws that have now been fixed ...