A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced.
The flaw, assigned the CVE identifier CVE-2024-27322, “involves the use of promise objects and lazy evaluation in R,” AI application security
Source link
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks
Related Posts
North Korean APT Bypasses DMARC for Cyber Espionage
COMMENTARYWith heightened geopolitical tensions, a surge in cyberattacks on US and allied organizations by a North Korean cyber-espionage group is hardly unexpected. What is disquieting, however, is that an advanced…
Mistrial declared for ex-AT&T exec accused of bribing government official
A mistrial was declared today in the trial of former AT&T Illinois President Paul La Schiazza, who was accused of bribing a powerful state lawmaker’s ally in order to obtain…