Somehow there always seems to be another Internet security disaster around the corner. A few months ago everyone was in a panic about Heartbleed. Now the bug called Shellshock (officially CVE-2014-6271), a far more serious vulnerability, is running uncontrolled over the Internet.
It's never a good time to panic, but if you're discouraged I don't blame you; I know I am.

In retrospect, the grave concern over Heartbleed seems misplaced. As information disclosure bugs go it was a really bad one, but it was only an information disclosure bug and a difficult one to exploit. The sky's the limit on attacks with Shellshock and it's so easy to exploit that it's already being widely-exploited according to research firm Fireeye, which says they have already observed several forms of attack:

The link for this article located at ZDNet Blogs is no longer available.