Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks

Internet security watchdog Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks ...

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

F5 has reclassified a BIG-IP APM denial-of-service (DoS) vulnerability as a critical-severity remote code execution (RCE) flaw, warning that attackers are exploiting it to deploy webshells on ...
CSO Online

5-month-old F5 BIG-IP DoS bug becomes critical RCE exploited in the wild

Reclassified as a remote code execution flaw, the F5 BIG-IP APM vulnerability has been upgraded to CVSS 9.8, requiring ...
Infosecurity Magazine

NCSC Urges Immediate Patching of F5 BIG-IP Bug

UK organizations have been encouraged to immediately patch a critical new vulnerability in F5’s BIG-IP Access Policy Manager ...
Security Info Watch

Gallagher Security Introduces F5 and F6 Fence Controllers for Advanced Perimeter Protection

Gallagher Security unveils its F5 and F6 Fence Controllers, introducing enhanced safety features and scalable perimeter ...

Critical flaw in F5 BIG-IP faces wide exploitation risk

The new information shows that remote code execution can take place when BIG-IP APM access policy is configured on a virtual ...
American Hospital Association

Alerts warn F5 BIG-IP vulnerability being exploited for malicious activity

The Cybersecurity and Infrastructure Security Agency released an alert March 27 on a vulnerability in F5 BIG-IP Access Policy Manager software that is being exploited for malicious cyber activity. F5 ...
GovInfoSecurity

Under Fire: Attackers Target Flaws in F5 and Citrix Gear

Flaws in major application delivery and security platforms and VPN gateways are being actively exploited or targeted. Under ...
The Hacker News

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

CISA adds actively exploited F5 BIG-IP APM CVE-2025-53521 (CVSS 9.3) to KEV, ordering FCEB patch by March 30, 2026 to curb RCE risk.