The U.S. government has sounded an alarm over an imminent cyber threat targeting federal networks through vulnerabilities in F5 products, after hackers accessed the company’s systems and stole sensitive data, including portions of its source code.
The Cybersecurity and Infrastructure Security Agency (CISA) said a “nation-state threat actor” could use the stolen information as a roadmap to exploit F5 devices deployed across government and private networks. Agencies have been ordered to identify all F5 systems and apply urgent patches to prevent further compromise.
F5 confirmed the breach, discovered on August 9, and said it took immediate containment measures with the help of CrowdStrike, Mandiant, NCC Group, and IOActive. The company stated there was no impact on its operations or evidence of tampering with its development environment, but acknowledged that a limited amount of customer data was affected.
CISA’s Nick Andersen described the incident as an “imminent threat” and urged all organizations — not just federal agencies — to update their systems. British cybersecurity officials also released a similar alert to F5 users.
The breach highlights growing concerns over supply-chain vulnerabilities in critical infrastructure software, as threat actors increasingly target technology providers to gain access to government and corporate networks worldwide.
