F5 BIG-IP Breach Exposes Source Code and Vulnerabilities

F5 disclosed a breach where unidentified threat actors stole files containing BIG-IP's source code and undisclosed vulnerabilities. The attackers used BRICKSTORM malware, attributed to a China-nexus espionage group dubbed UNC5221. The breach, discovered on August 9, 2025, had been ongoing for at least 12 months. Over 680,000 F5 BIG-IP devices are visible on the public internet, with the majority located in a country, followed by Germany, France, Japan, and another country.

Latest mentioned: 10-22

Earliest mentioned: 10-22

Sources

security.com security.com therecord.media

Also Read

Memento Labs Linked to Chrome Zero-Day Exploit in 2025

Kaspersky researchers have attributed the first Chrome zero-day of 2025 to Memento Labs, formerly known as the Hacking Team. The vulnerability, CVE-2025-2783, was exploited in a state-sponsored cyber-espionage campaign. The attack involved sophisticated phishing tactics and the use of Dante spyware, which was traced back to 2022. The malware, LeetAgent, supported commands in leetspeak and connected to HTTPS C2s for various malicious activities. Researchers noted code overlaps between Dante and legacy RCS samples, strengthening the attribution to Memento Labs.

10-28Read more →