Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

CISA order to secure BIG-IP APM

Public Sector Action
First reported
Last updated
Happening score
H score 52
1 unique sources, 1 articles

Summary

Hide ▲

CISA added CVE-2025-53521 to its actively exploited list and ordered federal agencies to secure BIG-IP APM systems by midnight on Monday, March 30, 2026, escalating urgency around exposed federal access-management deployments. The directive tells agencies to apply vendor mitigations or discontinue use if protections are unavailable. That makes the flaw an immediate public-sector remediation issue for agencies running the affected product.

Related Happenings

CISA emergency patch deadline for Ivanti EPMM

Public Sector Action
First: 08.05.2026 15:16 Last: 08.05.2026 15:16 Sources 1

About this happening: CISA ordered **U.S. federal agencies** to patch **Ivanti EPMM** by **midnight Sunday, May 10** after adding **CVE-2026-6973** to its list of vulnerabilities exploited in attacks....

Open Happening

CISA KEV order for Copy Fail on federal Linux devices

Public Sector Action
First: 08.05.2026 10:45 Last: 08.05.2026 10:45 Sources 1

About this happening: **CISA** added **Copy Fail** to the **Known Exploited Vulnerabilities (KEV) Catalog**, making the Linux flaw a federal remediation priority. The agency ordered **federal agencies*...

Open Happening

CISA KEV listing and FCEB firewall directive for CVE-2026-0300

Public Sector Action
First: 07.05.2026 13:57 Last: 07.05.2026 13:57 Sources 1

About this happening: **CISA** added **CVE-2026-0300** to the **KEV Catalog** and ordered **FCEB agencies** to secure vulnerable firewalls by **May 9, 2026**. The federal directive makes the exploited...

Open Happening

CISA KEV action for CVE-2026-31431 and FCEB remediation

Public Sector Action
First: 03.05.2026 09:26 Last: 03.05.2026 09:26 Sources 1

About this happening: CISA added **CVE-2026-31431** to its **KEV catalog**, putting **Federal Civilian Executive Branch (FCEB)** agencies on notice to remediate an actively exploited Linux privilege-es...

Open Happening

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Open Happening

Timeline

  1. 30.03.2026 13:59 2 articles · 1mo ago

    CISA orders federal BIG-IP APM remediation for CVE-2025-53521

    Legal Policy Action Update

    CISA added CVE-2025-53521 to its actively exploited list and directed federal agencies using BIG-IP APM to secure affected systems by midnight on Monday, March 30, 2026, or discontinue use if mitigations are unavailable. The same update came after F5 reclassified the BIG-IP APM flaw from a DoS issue to a critical RCE and warned that attackers were exploiting it to deploy webshells on unpatched devices.

    Show sources
    Open in new tab