The Cybersecurity and Infrastructure Security Agency is warning the public of active cyberthreats targeting vulnerabilities found in devices and software made by the cybersecurity company F5.
In an emergency directive issued Wednesday, the agency said attackers can exploit flaws in F5 products and gain unauthorized access to embedded credentials and application programming interface keys.
Leaders from CISA and the Department of Homeland Security will be present at the Potomac Officers Club’s 2025 Homeland Security Summit on Nov. 12. Learn more about the present and emerging threats to the nation and network with prominent industry figures at the in-person event. Secure your tickets now.
Table of Contents
Details of F5 Breach
The directive follows F5’s disclosure that an unidentified nation-state cyber threat actor has long-term, persistent access to and has extracted data from the company’s BIG-IP product development environment and engineering knowledge management platforms.
F5 has applied measures to contain the threat and has since not observed malicious behaviors in its systems. The company said it is also taking further steps to protect customers and has rolled out updates to affected products, including BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ and APM.
What Affected Organizations Must Do
The emergency directive instructs federal civilian executive branch agencies and other organizations from the public and private sectors to identify and update at-risk F5 virtual and physical devices and software.
“The alarming ease with which these vulnerabilities can be exploited by malicious actors demands immediate and decisive action from all federal agencies,” stated CISA Acting Director Madhu Gottumukkala. “These same risks extend to any organization using this technology, potentially leading to a catastrophic compromise of critical information systems. We emphatically urge all entities to implement the actions outlined in this Emergency Directive without delay.”
In line with the directive, the Federal Risk and Authorization Management Program also published a notice to inform cloud service providers, or CSPs, about the threat. CSPs that use affected F5 devices within their respective FedRAMP authorization boundaries are tasked to complete vulnerability response actions, such as applying vendor-supplied patches and removing access of affected devices to the public internet, by Oct. 22.
Related Articles
The Trump administration is continuing to accelerate the resurgence of U.S. manufacturing through a series of private sector investments aimed at boosting domestic production and creating thousands of highly skilled jobs. What Are Major Corporate Investments Boosting US Manufacturing? The White House said Wednesday automaker Stellantis disclosed plans to invest $13 billion in efforts to expand its U.S. production capacity by 50 percent over the next four years. The initiative includes reopening its Belvidere, Illinois-based plant and increasing output at facilities in Ohio, Michigan and Indiana. The expansion is projected to generate 5,000 new jobs and add five new vehicle
The U.S. Air Force has discarded its plan to establish a major new command dedicated to setting requirements and modernizing its weapon systems, choosing instead to consolidate these functions within an existing department, Breaking Defense reported Wednesday. The service will simultaneously create a new senior executive role, the chief modernization officer, to direct strategic efforts. How Will Modernization Leadership Be Consolidated? The functions originally designated for the abandoned Integrated Capabilities Command will be absorbed by the Air Force Futures organization. This transfer of responsibilities is scheduled for completion by April 2026. The newly created CMO position will serve as the
President Donald Trump has directed the secretary of Defense and the Office of Management and Budget director to use available funds to ensure military pay disbursements. Why Did the President Order FY26 Funds for Military Pay? According to the National Security Presidential Memorandum-8 released Wednesday by the White House, the president, as commander in chief of the U.S. Armed Forces, mandated the use of funds appropriated for fiscal year 2026 to cover pay and allowances for active-duty and reserve military personnel during the ongoing lapse in annual appropriations. The Defense Secretary will identify funding sources that bear a “reasonable logical relationship”