Supply chain attacks likely with exploitation of novel R programing bug

Threat actors could leverage a high-severity vulnerability impacting the R programming language, tracked as CVE-2024-27322, to enable arbitrary code execution during the deserialization of packages using the RDS format and potentially facilitate supply chain attacks, The Hacker News reports.

arbitrary code arbitrary code execution attacks bug code code execution cve cve-2024 cve-2024-27322 deserialization enable exploitation hacker high high-severity vulnerability language network security novel packages programing programming programming language rds reports severity supply supply chain supply chain attacks the hacker news third-party-code threat threat actors vulnerability