hrbrmstr, 20 days ago

I ended up having to burn time I honestly don't have this week to blog the stuff from the repo I made yesterday due to CERT and CISA making a big deal (https://www.cisa.gov/news-events/alerts/2024/05/01/certcc-reports-r-programming-language-vulnerability) out of expected behavior in #RStats due to a daft, hype-seeking vendor.

The profession that is cybersecurity is stupid broken.

I rly want (someone) to pwn an org with this CVE just to get it on KEV for sad posterity.

https://rud.is/b/2024/05/03/cve-2024-27322-should-never-have-been-assigned-and-r-data-files-are-still-super-risky-even-in-r-4-4-0/