U.S. cybersecurity agency CISA says the CopyFail bug is being actively used in hacking campaigns, and poses a major risk to servers and data centers that rely on Linux.

Virginia and Washington, D.C. paused the data collection and sharing, after Bloomberg's investigation found their health insurance marketplaces were sharing users' information with advertisers.

Web hosts are scrambling to fix the bug under active attack by hackers. One company said hackers have been abusing the bug for months.

The security bug is now fixed, but the patient who found it said it was challenging to alert the software company about the issue.

The government of Sri Lanka has lost more than $3 million in two recent, separate cybersecurity incidents as the country continues to recover from its 2022 debt crisis.