Nation-State Hackers Behind Massive F5 Hack
U.S. cybersecurity firm F5 announced on Wednesday that unknown threat actors breached its systems and stole files containing portions of BIG-IP’s source code as well as details about undisclosed product vulnerabilities.
The company attributed the intrusion to a highly sophisticated nation-state actor, noting that the attackers maintained persistent, long-term access to its network.
Bloomberg, citing sources familiar with the matter, reported that U.S. officials suspect the breach may be linked to a China-based campaign targeting infrastructure providers. F5 did not assign any attribution for the intrusion in its filing.
A statement on the F5 website reads as follows :-
In August 2025, we learned a highly sophisticated nation-state threat actor maintained long-term, persistent access to, and downloaded files from, certain F5 systems. These systems included our BIG-IP product development environment and engineering knowledge management platforms. We have taken extensive actions to contain the threat actor. Since beginning these activities, we have not seen any new unauthorized activity, and we believe our containment efforts have been successful.
In response to this incident, we are taking proactive measures to protect our customers and strengthen the security posture of our enterprise and product environments. We have engaged CrowdStrike, Mandiant, and other leading cybersecurity experts to support this work, and we are actively engaged with law enforcement and our government partners.
We have released updates for BIG-IP, F5OS, BIG-IP Next for Kubernetes, BIG-IQ, and APM clients. More information can be found in our October 2025 Quarterly Security Notification. We strongly advise updating to these new releases as soon as possible.

Blogger at www.systemtek.co.uk
