Federal Agencies Ordered to Patch F5 Systems After Nation-State Breach

CISA orders agencies to patch F5 systems after hackers steal source code, posing risks to federal networks. Deadline: October 22.

By Content Team

Oct 16, 2025

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

The Cybersecurity and Infrastructure Security Agency issued an emergency order Wednesday directing all federal agencies to immediately patch F5 technology systems after a foreign nation-state actor gained access to the company's source code. F5 first discovered the breach in August but kept it quiet until now at the Justice Department's request.

The Seattle-based company revealed that hackers maintained "long-term, persistent access" to its development systems, stealing source code and information about unpatched vulnerabilities. CISA warns attackers could exploit these flaws to steal credentials and take control of federal networks.

Federal agencies have until October 22 to apply F5's security updates, with thousands of F5 devices currently in use across government networks. CISA isn't naming the country behind the attack but calls it part of a broader campaign targeting U.S. technology suppliers.

Source: CBS News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

Critical Net-SNMP Flaw Threatens Network Infrastructure Worldwide

Dec 25, 2025

ICO Says Sultana's Unauthorised Party Launch May Be Criminal Matter for Police

Jan 10, 2026

EmEditor Hit by Supply Chain Attack Delivering Infostealer Malware

Dec 29, 2025

Russian Cyber Group Tomiris Adapts Tactics to Target CIS Governments

Dec 2, 2025