Security news aggregator

Latest coverage for F5

Stay updated on F5 security insights: Explore the latest in application delivery controls, threat intelligence, and cyber defense with F5 tag news.

84 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

F5 provides application-delivery technology, best known in security operations for BIG-IP appliances and software that load-balance traffic, terminate TLS, route requests, and can enforce web-application firewall, access-control, and denial-of-service protections. F5’s NGINX products are also used as reverse proxies and web servers. These components sit in front of applications, mediating internet traffic and trust boundaries.

Their privileged position makes exposed management interfaces, insecure configurations, leaked certificates or keys, and unpatched vulnerabilities especially significant: compromise can enable traffic interception, authentication bypass, request manipulation, or access to protected applications, depending on deployment. Security teams should inventory BIG-IP and NGINX instances and versions, restrict management planes, apply vendor fixes, review iRules, WAF, and access policies, and monitor administrative and anomalous proxy activity. During incidents, preserve configuration and traffic logs and assess whether TLS credentials or backend routes were exposed.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 84

F5 released emergency updates for critical NGINX flaws (CVE-2026-42530, CVE-2026-42055) that could enable unauthenticated code execution. F5 has issued out-of-band patches for multiple NGINX vulnerabilities, including two critical flaws, respectively tracked as CVE-2026-42530 and CVE-2026-42055 (CVSS 9.2). The bugs affect HTTP modules and can be exploited remotely without authentication to trigger memory corruption, potentially causing […]

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence server for credential theft and identity compromise. Learn how the threat actor attempted Kerberos relay and lateral movement, and how Microsoft Defender detected, blocked, and unraveled the attack. The post From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence appeared first on Microsoft Security Blog.

Bank Info Security 3 months, 2 weeks ago

Under Fire: Attackers Target Flaws in F5 and Citrix Gear

F5 Revises Severity of Flaw Disclosed Last YearFlaws in major application delivery and security platforms and VPN gateways are being actively exploited or targeted. Under fire: a vulnerability in F5 BIG-IP Access Policy Manager can facilitate remote code execution, and a "memory overread" flaw in NetScaler Application Delivery Controller.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation

Conduent Gets Sued; US Government's Cyber Shutdown Woes; Hacktivist Hits RiseThe latest ISMG Editors' Panel tackles: post-hack legal fallout for Conduent after it suffered the year's biggest health data breach, the U.S. government's shutdown complicating its response to the breach of vendor F5 and the rise in attacks targeting Western critical national infrastructure.

Officials Say Major Staffing Cuts and Furloughs Undercut Response to F5 CyberattackCurrent and former federal officials tell Information Security Media Group furloughs and leadership gaps across the federal cyber ecosystem have hindered the U.S. government's ability to coordinate response efforts after a nation-state actor exploited flaws in F5’s BIG-IP systems amid the shutdown.

Also: F5 Revenue Dips, Swedish Utility Operator BreachedThis week, critical infrastructure breaches in Canada, a Swedish grid operator breached, an Australian guilty of selling cyber exploits, Gmail wasn't breached, F5 projected a revenue dip, PhantomRaven targeted developers, a Pakistan-linked actor targeted India and Dentsu confirmed a data breach.

It’s easy to think your defenses are solid — until you realize attackers have been inside them the whole time. The latest incidents show that long-term, silent breaches are becoming the norm. The best defense now isn’t just patching fast, but watching smarter and staying alert for what you don’t expect

Concerns Grow Over F5 Hacking Amid Stalled Government ShutdownFederal officials are scrambling to contain nation-state hackers exploiting stolen source code from networking devices and software maker F5 amid staffing pressures created by the ongoing government shutdown. Stolen files reportedly include undisclosed vulnerabilities F5 had been researching.

Federal Agencies Ordered to Patch or Decommission F5 Devices Amid Imminent RiskAn advanced nation-state threat actor stole sensitive F5 source code and vulnerability data to craft tailored exploits, prompting an emergency directive amid a U.S. government shutdown that has left cyber defenses strained and federal networks at "imminent risk."

Loading more headlines...