Security firm F5 has announced that it has been the victim of a highly sophisticated cyberattack by suspected threat hackers linked to a nation-state. The attackers managed to maintain long-term access to F5’s systems and downloaded files from the product development environment of their flagship product, BIG-IP.
F5 discovered the breach in August 2025. The company says the attackers obtained BIG-IP source code and information about unpublished vulnerabilities from the development environment and knowledge management platforms.
According to F5, there are no indications that the software supply chain was manipulated, nor is there evidence of access to customer-related systems such as CRM or financial systems. However, a small portion of the stolen files contained configuration or implementation information for a limited number of customers. These customers are being informed directly.
F5 strongly advises customers to immediately install the newly released software updates for BIG-IP, F5OS, and other products. The company has engaged leading security experts, including CrowdStrike and Mandiant, and is working with law enforcement agencies to restore and strengthen the security of its systems.
