Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AlecTrevelyan
Community Champion
‎10-23-2025 11:58 AM
‎10-23-2025 11:58 AM

F5 Security Breach

I'm surprised I've not seen this mentioned on here at all, so if you weren't aware, F5 announced it had suffered a major security breach last week:

 

https://my.f5.com/manage/s/article/K000154696

 

Their CEO posted this on LinkedIn a little while ago:

 

image

 

Which in turn includes a link to a blog post from their CISO:

 

https://www.f5.com/company/blog/lessons-we-are-learning-from-our-security-incident

 

Here's CISA's emergency directive on the subject:

 

https://www.cisa.gov/news-events/directives/ed-26-01-mitigate-vulnerabilities-f5-devices

 

Are folks just not using F5 anymore, so not really interested in this?

Reply
1 Reply
JoePete
Advocate I
‎10-24-2025 09:53 AM
‎10-24-2025 09:53 AM

What seems to have occurred is that someone got into F5's internal documents, and the worry is they can use that info to craft attacks against F5 devices. The fact that F5 has released mitigating patches tells me that somewhere in those documents may be things like API keys or other configuration-type info that could lead to  elevated access to the devices. However, the between-the-lines seems to say the stolen information by itself shouldn't cause a compromise.

 

Maybe that is part of the shoulder-shrug to all this is that there is not an actual attack (yet) tied to this breach. 

 

 

Reply
0 Kudos