Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

F5 BIG-IP and related products Quarterly Security Notification (multiple vulnerabilities)

Security Patch Release
First reported
Last updated
Happening score
H score 34
1 unique sources, 1 articles

Summary

Hide ▲

F5's Quarterly Security Notification told customers to apply security updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ and APM clients, making the bulletin a broad remediation step across multiple products. The guidance matters because stolen files included information about undisclosed vulnerabilities in BIG-IP. CISA also told federal agencies to apply updates from F5 and review whether management interfaces are exposed to the public internet.

Related Happenings

CISA and NCSC-UK China-nexus covert device networks advisory

Advisory/Mitigation
First: 23.04.2026 15:00 Last: 23.04.2026 15:00 Sources 1

About this happening: **CISA** and **NCSC-UK** released a new advisory warning organizations about **Chinese government-linked** covert networks built from **compromised devices**. The guidance says we...

Open Happening

CISA KEV listing and FCEB patch order for Ivanti EPMM

Public Sector Action
First: 08.04.2026 21:15 Last: 08.04.2026 21:15 Sources 1

About this happening: **CISA** added **CVE-2026-1340** to the **KEV Catalog** and ordered **FCEB agencies** to patch **Ivanti Endpoint Manager Mobile (EPMM)** by **Saturday midnight, April 11**, forcin...

Open Happening

F5 BIG-IP APM active exploitation wave (CVE-2025-53521)

Exploitation Wave
First: 02.04.2026 11:25 Last: 02.04.2026 11:25 Sources 1

About this happening: As of **2026-04-02**, ongoing attacks are exploiting **CVE-2025-53521** against **F5 BIG-IP APM** systems, leaving more than **14,000** exposed online and at risk of remote code e...

Open Happening

CISA KEV patch directive for CVE-2025-53521

Advisory/Mitigation
First: 30.03.2026 10:07 Last: 30.03.2026 10:07 Sources 1

About this happening: CISA added **CVE-2025-53521** to its **KEV catalog** and told **federal agencies** to patch the F5 BIG-IP flaw within **three days**. The directive is urgent because the bug is be...

Open Happening

CISA urges Intune hardening for U.S. organizations

Public Sector Action
First: 19.03.2026 13:02 Last: 19.03.2026 13:02 Sources 1

About this happening: **CISA** urged **U.S. organizations** to harden **Microsoft Intune** and related endpoint management controls after the **Stryker** attack showed how those systems could be abused...

Open Happening

Timeline

  1. 16.10.2025 11:39 2 articles · 7mo ago

    F5 discloses nation-state breach and urges urgent patching

    Initial Disclosure

    F5 informed customers that a highly sophisticated nation-state threat actor had maintained long-term, persistent access to certain F5 systems and downloaded files from its BIG-IP product development environment and engineering knowledge management platforms after discovering the activity in August 2025. The stolen files included BIG-IP source code and information about undisclosed vulnerabilities, and F5 said it had no knowledge of active exploitation while urging customers to apply updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ and APM clients, harden systems with the F5 iHealth Diagnostic Tool, enable BIG-IP event streaming to SIEM, and conduct proactive threat hunting. CISA also issued an emergency directive for federal agencies to check whether networked management interfaces are publicly exposed and apply updates from F5.

    Show sources
    Open in new tab