F5 releases BIG-IP patches for stolen security vulnerabilities

Cybersecurity company F5 has released security updates to address BIG-IP vulnerabilities stolen in a breach detected on August 9, 2025. The company disclosed today that state hackers breached its systems and stole source code and information on undisclosed BIG-IP security flaws. Today, F5 issued patches to address 44 vulnerabilities (including the ones stolen in the breach) and urged customers to update their systems as soon as possible. F5 confirmed to Bleeping Computer that “today’s security updates do address impact from the incident.” On Wednesday, CISA published the ED 26-01 emergency directive, ordering Federal Civilian Executive Branch (FCEB) agencies to secure F5OS, BIG-IP TMOS, BIG-IQ, and BNK/CNF products by installing the latest F5 patches by October 22. For all other F5 hardware and software appliances on their networks, the deadline is extended to October 31.

Read the complete article here.