All news with #big-ip tag

Serious F5 Breach: Build System and BIG-IP Code Compromised

⚠️ F5 disclosed a major intrusion in which a sophisticated, likely nation-state threat actor maintained long-term access to its internal network. During the compromise the attackers gained control of the build and distribution environment for BIG-IP updates and exfiltrated proprietary source code, documentation of unpatched vulnerabilities, and customer configuration files. F5 warned this data could enable widespread supply-chain and targeted attacks against many sensitive networks.

Over 266,978 F5 BIG-IP Instances Exposed to Remote Attacks

⚠️ Shadowserver Foundation reports 266,978 internet-exposed F5 BIG-IP instances after F5 disclosed a breach in which nation-state actors stole source code and information on undisclosed BIG-IP flaws. F5 issued patches addressing 44 vulnerabilities and urged immediate updates for BIG-IP, F5OS, BIG-IQ, and related products. CISA issued an emergency directive requiring federal agencies to patch or mitigate affected devices by set deadlines. Nearly half of the detected instances are in the United States, with most others across Europe and Asia.

F5 Issues BIG-IP Patches After Stolen Vulnerabilities

🔒 F5 has released security updates for BIG-IP products to address vulnerabilities whose details were stolen during a state-linked breach detected on August 9, 2025. The vendor patched 44 issues across BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients and says it has not seen evidence the flaws were exploited or publicly disclosed. Customers are urged to apply updates immediately and follow F5's guidance to increase logging and monitoring.

F5 Breach Exposes BIG-IP Source Code, Nation-State Actor

🔒 F5 disclosed that unidentified threat actors accessed its systems and exfiltrated files including portions of BIG-IP source code and documentation on undisclosed product vulnerabilities. The company attributed the intrusion to a highly sophisticated nation-state threat actor, reported detection on August 9, 2025, and said it has contained the activity. F5 engaged Google Mandiant and CrowdStrike, rotated credentials, strengthened controls, and advised customers to apply updates to BIG-IP, F5OS, BIG-IQ, and APM clients.

Nation-State Hackers Breach F5, Steal BIG-IP Source Code

🔒 F5 disclosed that nation-state attackers breached its systems and exfiltrated portions of BIG-IP source code and information about undisclosed vulnerabilities after gaining persistent access to product development and engineering knowledge platforms. The company says it first detected the intrusion on August 9, 2025, and has found no evidence the stolen data has been exploited or publicly disclosed. F5 reports that its software supply chain was not compromised and no suspicious code modifications were observed, while it continues identifying customers whose configuration or implementation details may have been taken.