U.S. cybersecurity firm F5 on Wednesday disclosed that unidentified menace actors broke into its programs and stole information containing a few of BIG-IP’s supply code and knowledge associated to undisclosed vulnerabilities within the product.
It attributed the exercise to a “extremely refined nation-state menace actor,” including the adversary maintained long-term, persistent entry to its community. The corporate stated it discovered of the breach on August 9, 2025, per a Kind 8-Ok submitting with the U.S. Securities and Change Fee (SEC).
“We have now taken intensive actions to include the menace actor,” it famous. “Since starting these actions, we have now not seen any new unauthorized exercise, and we imagine our containment efforts have been profitable.”
F5 didn’t say for a way lengthy the menace actors had entry to its BIG-IP product growth setting, however emphasised that it has not noticed any indication that the vulnerabilities have been exploited in a malicious context. It additionally stated that the attackers didn’t entry its CRM, monetary, assist case administration, or iHealth programs.
That stated, the corporate acknowledged that among the exfiltrated information from its data administration platform contained configuration or implementation data for a small share of shoppers. Impacted clients are anticipated to be instantly notified following a assessment of the information.
Following the invention of the incident, F5 has engaged the providers of Google Mandiant and CrowdStrike, in addition to rotated credentials and strengthened entry controls, deployed tooling to raised monitor threats, bolstered its product growth setting with additional security controls, and carried out enhancements to its community security structure.
Customers are suggested to use the newest updates for BIG-IP, F5OS, BIG-IP Subsequent for Kubernetes, BIG-IQ, and APM purchasers as quickly as potential for optimum safety.
