In a Private Industry Notification (PIN) issued by the U.S domestic intelligence and security service, it was revealed that Iranian state-sponsored hackers are actively exploiting an F5 BIG-IP flaw. The flaw allows for unauthenticated remote code executions on devices used by Fortune 500 companies, government agencies and banks, shared BleepingComputer. The FBI have added further that these hackers may choose to collect or steal sensitive data from these organisations that could be shared either to other hackers or the Iranian government. Security patches were released on the 3rd of July 2020, by F5 Networks (F5) to fix this critical vulnerability.
