Select your country

Belgium

China

Denmark

France

Germany

Global

Maghreb & West Africa

Netherlands

Norway

South Africa

Sweden

Switzerland

United Kingdom

Not finding what you are looking for, select your country from our regional selector:

Search

  1. Orange Cyberdefense
  2. Insights
  3. Blog
  4. CERT-News
  5. Cyberattack on F5

Cyberattack on F5

CERTIntelligence-led SecurityF5

Share

In a recent United States Security Exchange Commission filing F5 revealed that it was the victim of a broad and far reaching cyberattack. The incident, disclosed on October 15, 2025, revealed that a sophisticated threat actor gained prolonged access to internal systems, including source code and technical information related to previously undisclosed vulnerabilities.

While F5 reports that customer systems were not directly compromised, the theft did include F5 proprietary source code, technical details of undisclosed vulnerabilities, and client confidential documents.

F5 recommends that clients rotate digital certificates associated with F5 and apply patches per the F5 advisory.

We will update this blog as we gather more insights about the incident.

For a detailed overview of this advisory, you need to have a subscription to our CERT World Watch Portal.

External links:

https://www.sec.gov/Archives/edgar/data/1048695/000104869525000149/ffiv-20251015.htm

https://my.f5.com/manage/s/article/K000157005

https://my.f5.com/manage/s/article/K000156572

F5's CISO and CIO are hosting a webinar to provide further updates and official statements:

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.

CSIRT