Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks

Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability.

BleepingComputer

📰 F5 BIG-IP Flaw Escalated to Critical 9.8 RCE, Now Under Active Attack

🚨 CRITICAL: F5 reclassifies a BIG-IP flaw (CVE-2025-53521) to a 9.8 CVSS RCE, and it's being actively exploited! Unauthenticated attackers can gain root access. CISA added to KEV. Patch NOW! 🔥 #F5 #BIGIP #CVE #RCE #CyberSecurity

🔗 https://cyber.netsecops.io/articles/critical-f5-big-ip-vulnerability-cve-2025-53521-reclassified-and-exploited/?utm_source=mastodon&utm_medium=social&utm_campaign=twitter_auto

A 5-month-old F5 BIG-IP vulnerability, CVE-2025-53521, has been reclassified as a critical 9.8 CVSS RCE and is under active exploitation. CISA has added it to the KEV catalog. Patch immediately.

CyberNetSec.io

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on unpatched devices.

BleepingComputer

F5 BIG-IP APM vulnerability (CVE-2025-53521) escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately.

Read: https://hackread.com/critical-f5-big-ip-flaw-upgrad-to-9-8-rce-exploited/

#CyberSecurity #F5 #Vulnerability #DDoS #RCE

Critical F5 BIG-IP Flaw Upgraded to 9.8 RCE, Exploited in the Wild

F5 BIG-IP APM flaw CVE-2025-53521 escalates to critical 9.8 RCE, actively exploited. Patch now, check IoCs, and secure vulnerable systems immediately.

Hackread - Cybersecurity News, Data Breaches, AI and More

13077 TOWNSEND RD #F5

*owned by*

KIRSHENBAUM ASSETS GROUP
236 SYCAMORE CIR
FEASTERVILLE TREVOSE PA

F5 BIG-IP flaw escalated to CRITICAL RCE, now exploited in the wild. Full system compromise risk for enterprises. Inventory devices, isolate from untrusted networks, and watch for patches. No CVE/patch yet — monitor advisories. https://radar.offseq.com/threat/f5-big-ip-dos-flaw-upgraded-to-critical-rce-now-ex-7117a302 #OffSeq #F5 #RCE

F5 BIG-IP CVE-2025-53521 reclassified from DoS to RCE (CVSS 9.3). Active exploitation confirmed. Vendor severity upgrades mean the threat model changed. Check indicators, patch immediately. 🔓🔥

https://thehackernews.com/2026/03/cisa-adds-cve-2025-53521-to-kev-after.html

#infosec #cybersecurity #F5 #CVE #RCE

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CISA adds actively exploited F5 BIG-IP APM CVE-2025-53521 (CVSS 9.3) to KEV, ordering FCEB patch by March 30, 2026 to curb RCE risk.

The Hacker News

CVE Alert: CVE-2026-32647 - F5 - NGINX Open Source - RedPacket Security

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or

RedPacket Security

CVE Alert: CVE-2026-27651 - F5 - NGINX Open Source - RedPacket Security

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This

RedPacket Security

CVE Alert: CVE-2026-27784 - F5 - NGINX Open Source - RedPacket Security

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write

RedPacket Security