#F5 has disclosed a cyber attack, reportedly carried out by a nation-state actor with long-term, persistent access to critical product development environments. The attacker exfiltrated files that included portions of BIG-IP source code and information about undisclosed vulnerabilities. Some stolen files also contained data impacting a small percentage of customers.

Read more: https://research.checkpoint.com/2025/20th-october-threat-intelligence-report/

> F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. #F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long-term.” Security researchers who have responded to similar intrusions in the past took the language to mean the hackers were inside the F5 network for years.

**Serious F5 Breach** - Schneier on Security

https://www.schneier.com/blog/archives/2025/10/serious-f5-breach.html

📰 F5 Breached by Nation-State Actor; BIG-IP Source Code Stolen, CISA Issues Emergency Directive

🚨 F5 discloses major breach by nation-state actor! BIG-IP source code & vuln data stolen. CISA issues Emergency Directive 26-01 for federal agencies to patch immediately. #F5 #DataBreach #SupplyChain #CISA

🔗 https://cyber.netsecops.io/articles/f5-discloses-nation-state-breach-cisa-issues-emergency-directive/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

"F5 said, the hackers took control of the network segment the company uses to create and distribute updates for BIG IP, a line of server appliances that F5 says is used by 48 of the world’s top 50 corporations."

https://www.schneier.com/blog/archives/2025/10/serious-f5-breach.html

#BIGIP #CloudServices #LoadBalancing #F5

// Alerte maximale : la CISA
redoute l’exploitation du code source volé de F5

Après une attaque sur F5, la CISA ordonne la mise à jour immédiate des systèmes fédéraux.

--> https://www.datasecuritybreach.fr/alerte-maximale-cisa-redoute-une-exploitation-massive-du-code-source-vole-de-f5/

#vulnerabilite #f5 #zataz @Damien_Bancal

#infosec Another couple of great podcasts from @riskybusiness team again on the #F5 debacle

https://risky.biz/WWC11/
https://risky.biz/RB811/

The big question tho — if China was all over F5, from source code, bug trackers, and patch signing services, should we expect other vendors like PaloAlto also to be in a similar as-yet-undiscovered state?

<snark>
Cisco is clearly different as they will still have a hardcoded backdoor in all their products, and Fortinet has so many vulnerabilities already why would anybody bother?
</snark>

Over 266,000 #F5 #BIGIP instances exposed to remote attacks

https://www.bleepingcomputer.com/news/security/over-266-000-f5-big-ip-instances-exposed-to-remote-attacks/

#cybersecurity

F5 experienced a year-long cybersecurity breach stealing source code & vulnerability data. Over 80% of Fortune 500 companies are affected; CISA warns federal networks targeted.
https://www.technadu.com/f5-cybersecurity-breach-exposes-widespread-risks-raises-supply-chain-concerns/611745/

#F5 #CyberSecurity #SupplyChainRisk #TechNadu