The Barracuda Email Security Gateway (ESG) appliance was found to have a vulnerability potentially exploitable by Chinese threat actor, UNC4841. The flaw, tied to a third-party library, ‘Spreadsheet::ParseExcel’, can lead to arbitrary code execution. This was used to deploy SEASPY and SALTWATER malware. Barracuda has patched the vulnerability and automatically applied the update to all ESG devices. The vulnerability has been classified as CVE-2023-7102, but its severity is yet to be categorized.
![](https://healsecurity.com/wp-content/uploads/2024/07/amber-alert-as-nhs-in-plymouth-makes-urgent-plea-for.jpg)
‘Amber alert’ as NHS in Plymouth makes urgent plea for people with certain blood type
The NHS has issued an urgent call for O type blood donors, following increased demand after the recent cyber attack. The attack led to reduced