Originally reported by Dark Reading, Infosecurity Magazine
TL;DR
A previously disclosed F5 BIG-IP denial-of-service vulnerability has been reclassified as remote code execution and is now under active exploitation. Meanwhile, Telegram disputes claims of a critical no-click vulnerability despite a 9.8 CVSS score assignment.
F5 BIG-IP vulnerability CVE-2025-53521 has been reclassified from DoS to RCE and is under active exploitation, representing an immediate threat to enterprise infrastructure.
CVE-2025-53521, initially disclosed in October 2025 as a high-severity denial-of-service vulnerability in F5 BIG-IP systems, has been reclassified as remote code execution following new threat intelligence. Dark Reading reports the vulnerability is now under active exploitation, significantly elevating the threat landscape for organizations running affected F5 infrastructure.
The reclassification transforms what was considered an availability impact into a potential gateway for complete system compromise. Organizations running F5 BIG-IP deployments should prioritize patching and implement additional network segmentation controls while patches are applied.
A security researcher has disclosed what they claim is a critical vulnerability in Telegram's messaging platform, assigned a 9.8 CVSS score. The alleged flaw reportedly enables remote code execution through corrupted sticker files without user interaction. However, Telegram has publicly disputed the vulnerability's existence, creating uncertainty in the security community.
The dispute highlights the ongoing challenges in vulnerability disclosure coordination, particularly for consumer-facing platforms with massive user bases. Until resolution, security teams should monitor for additional technical details or independent verification.
Research indicates manufacturing and healthcare organizations continue struggling with access management implementation. According to Dark Reading's analysis, internal resistance stems from user perception of security controls as operational roadblocks, while threat actors specifically target these sectors due to weak authentication practices.
The two industries handle critical infrastructure and sensitive data, respectively, making password security failures particularly consequential. The research suggests addressing user experience concerns while implementing stronger authentication requirements.
Law firm Nockolds' analysis reveals employee data breaches have surged to their highest levels in seven years, with non-cyber incidents driving the increase. This trend suggests organizations may be focusing cybersecurity resources on external threats while overlooking internal data handling processes.
The findings indicate a need for comprehensive data governance programs addressing both technical security controls and operational procedures for employee information handling.
Cybercriminals are leveraging tax season urgency with sophisticated phishing operations delivering remote monitoring and management (RMM) malware, credential theft tools, business email compromise schemes, and fraudulent tax forms. The multi-vector approach demonstrates threat actor adaptation to seasonal social engineering opportunities.
Security teams should implement enhanced email filtering and user awareness training focused on tax-related communications during filing season.