Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cybersecurity and Infrastructure Security Agency Emergency Directive 26-01 Mandated agencies apply the latest vendor update for at-risk F5 products for Federal Civilian Executive

Public Sector Action
First reported
Last updated
Happening score
H score 62
3 unique sources, 3 articles

Summary

Hide ▲

CISA issued Emergency Directive 26-01 after identifying a significant cyber threat to federal networks using certain F5 devices and software. The directive requires Federal Civilian Executive Branch agencies to apply the latest vendor-provided update for at-risk F5 virtual and physical devices and downloaded software, including F5OS, BIG-IP TMOS, BIG-IQ, and BNK / CNF, by October 22, 2025. CISA said the action is meant to reduce immediate exposure and will be checked for compliance, and it also told agencies to follow F5’s Quarterly Security Notification.

Related Happenings

CISA orders FCEB Ivanti Sentry remediation under BOD 26-04

Public Sector Action
H score36 First: 12.06.2026 11:26 Last: 12.06.2026 11:26 Sources 1

About this happening: **CISA** ordered **FCEB agencies** to secure **Ivanti Sentry** within **three days** after confirming **CVE-2026-10520** is being **actively exploited**, creating immediate remedi...

CISA BOD 26-04 remediation requirements

Advisory/Mitigation
H score31 First: 11.06.2026 15:46 Last: 11.06.2026 15:46 Sources 1

About this happening: CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...

CISA KEV update and FCEB remediation deadline

Public Sector Action
H score33 First: 10.06.2026 17:44 Last: 10.06.2026 17:44 Sources 1

About this happening: **CISA** added **three actively exploited vulnerabilities** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate by **June 23, 2026**. Th...

CISA BOD 26-04 prioritizes vulnerability remediation for federal civilian agencies

Public Sector Action
H score27 First: 10.06.2026 15:00 Last: 10.06.2026 15:00 Sources 1

About this happening: **CISA** issued **Binding Operational Directive 26-04** to require **federal civilian agencies** to prioritize vulnerability remediation using **Asset Exposure**, **KEV Status**,...

CISA KEV order for FCEB remediation of CVE-2026-50751

Public Sector Action
H score43 First: 09.06.2026 11:18 Last: 09.06.2026 11:18 Sources 1

About this happening: **CISA** ordered **Federal Civilian Executive Branch** agencies to secure **CVE-2026-50751**, forcing a rapid federal response to a flaw that can let attackers bypass authenticati...

Timeline

  1. 15.10.2025 15:00 4 articles · 8mo ago

    CISA issues Emergency Directive 26-01 for F5 remediation

    Legal Policy Action Update

    CISA identified a significant cyber threat targeting federal networks that use certain F5 devices and software and issued Emergency Directive 26-01 requiring Federal Civilian Executive Branch agencies to apply the latest vendor-provided update for at-risk F5 virtual and physical devices and downloaded software, including F5OS, BIG-IP TMOS, BIG-IQ, and BNK / CNF, by October 22, 2025, and to follow F5’s Quarterly Security Notification.

    Show sources