CISA warns federal agencies of exploited Google Chrome and open-source vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) has added two newly discovered bugs, the open-source Perl library and a Google Chrome bug, to its list of exploited vulnerabilities. Government agencies have been advised to patch them by January 23. The Perl library vulnerability, discovered by researcher Le Dinh Hai, enables the extraction of information from Excel spreadsheets, and China-based hackers are reportedly deploying it to propagate known malware strains.