• Attackers are exploiting RCE vulnerability in BIG-IP APM systems (CVE-2025-53521)
• New Wave of AiTM Phishing Targets TikTok for Business
• TeamPCP Targets Telnyx Package in Latest PyPI Software Supply Chain Attack
• TeamPCP strikes again: Backdoored Telnyx PyPI package delivers malware
• Quantum Computing Threat to Encryption Is Closer Than Expected, Warns Google
• UK Cracks Down on Chinese Crypto Marketplace for Funding Southeast Asia Scam Hubs
• CISA sounds alarm on Langflow RCE, Trivy supply chain compromise after rapid exploitation
• Ajax data breach exposed season tickets, supporter bans open to tampering
• AI frenzy feeds credential chaos, secrets leak through code, tools, and infrastructure
• Make OpenAI’s models misbehave and earn a reward
• Top product launches at RSAC 2026
• Tails 7.6 ships automatic Tor bridge retrieval and a new password manager
• Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code
• Attackers Rapidly Weaponize Critical Oracle WebLogic RCE, Honeypot Study Finds
• EtherRAT Techniques Bypass Security Via Ethereum Smart Contracts
• Second RedLine infostealer operator ends up in US custody
• AI Becomes the Top Cybersecurity Priority for Defenders as Criminals Exploit It, PwC Warns
• Researchers release tool to detect stealthy BPFDoor implants in critical infrastructure networks
• OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
• Iran-Linked Pay2Key Ransomware Group Re-Emerges
• Invoice Fraud Costs UK Construction Sector Millions, NCA Warns
• Cloud Phones Linked to Rising Financial Fraud Threat
• Hackers Exploit Compromised Enterprise Identities at Industrial Scale, Warns SentinelOne
• US: FCC Bans Foreign-Made Routers Over National Security Concerns
• TeamPCP Expands Supply Chain Campaign With LiteLLM PyPI Compromise

A critical unauthenticated remote code execution vulnerability (CVE-2025-53521) in F5’s BIG-IP Access Policy Manager (APM) solution is under active exploitation, the US Cybersecurity and Infrastructure Security Agency warned on Friday. CISA added the flaw to its Known Exploited Vulnerabilities catalog after F5 updated the related security advisory, The advisory was initially published on October 15, 2025, when F5 confirmed a data breach that resulted in a “highly sophisticated nation-state threat actor” accessing – among other …