UK budget leak blamed on misconfigured WordPress plugin
Misconfigured WordPress plugin and server settings caused premature public access to OBR's unpublished budget, exposing documents and prompting an investigation.
RCE in React Native CLI opens Dev Servers to attacks
The Metro development server exposes an unsafe /open-url endpoint and defaults to listening on 0.0.0.0, allowing remote command execution unless patched.