Critical R Programming Flaw Patched: Update to Thwart Code Execution Attacks
May 1, 2024
The R programming language patched a critical vulnerability, CVE-2024-27322, allowing arbitrary code execution via RDS and RDX files.
Over 135,000 R source files were found to be affected by this high-risk vulnerability.
Sharing of RDS and RDX files among developers and data scientists opens an effective attack vector.
R Core version 4.4.0 contains fixes, and users should update to it immediately to mitigate risks.
Organizations utilizing R must evaluate their risk and update their systems as a protective measure.
The widespread use of R and the readRDS function amplifies the potential impact of the vulnerability.
The US government and education sectors have faced joint malware attacks, and Canadian pharmacy chain London Drugs experienced a cybersecurity incident.
HiddenLayer's AISec Platform aims to offer additional protection against such vulnerabilities in its upcoming Q2 release.
The incident underscores the necessity for continuous vigilance and prompt updates in cybersecurity.
Summary based on 4 sources
Sources

The Register • May 1, 2024
Open source programming language R patches critical arbitrary code exec flaw
SC Media • Apr 30, 2024
Supply chain attacks likely with exploitation of novel R programing bug
Security Boulevard • May 1, 2024
CVE-2024-27322 Vulnerability Found in R Programming Language
Security Affairs • May 1, 2024
A flaw in the R programming language could allow code execution