Cybersecurity firm F5’s stock sinks 12% after disclosing nation-state hack

Cybersecurity firm F5’s stock sinks 12% after disclosing nation-state hack


Pavlo Gonchar | SOPA Images | Lightrocket | Getty Images

U.S. cybersecurity company F5 fell 12% on Thursday after disclosing a system breach in which a “highly sophisticated nation-state threat actor” gained long-term access to some systems.

F5 shares were pacing for the worst day since April 27, 2022, when the stock fell 12.8%.

The company disclosed the breach in a Securities and Exchange Commission filing on Wednesday and said the hack affected its BIG-IP product development environment. F5 said the attacker infiltrated files containing some source code and information on “undisclosed vulnerabilities” in BIG-IP.

The breach was later attributed to state-backed hackers from China, Bloomberg reported, citing people familiar with the matter.

F5, which was made aware of the attack in August, said they have not seen evidence of any new unauthorized activity.

“We have no knowledge of undisclosed critical or remote code vulnerabilities, and we are not aware of active exploitation of any undisclosed F5 vulnerabilities,” F5 said in a statement.

The cybersecurity giant told customers that hackers were in the network for at least 12 months and that the breach used a malware called Brickstorm, according to Bloomberg.

F5 would not confirm the information.

Brickstorm is attributed to a suspected China-nexus threat dubbed UNC5221, Google Threat Intelligence Group said in a blog post. The malware is used for maintaining “long-term stealthy access” and can remain undetected in victim systems for an average of 393 days, according to Mandiant.

The attack prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency on Wednesday, telling all agencies using F5 software or products to apply the latest update.

“The alarming ease with which these vulnerabilities can be exploited by malicious actors demands immediate and decisive action from all federal agencies,” CISA Acting Director Madhu Gottumukkala said. “These same risks extend to any organization using this technology, potentially leading to a catastrophic compromise of critical information systems.”

The UK’s National Cyber Security Centre also issued guidance for the F5 attack, advising customers to install security updates and continue monitoring for threats.



Source

Sam Altman faced ‘serious questions’ in meeting with lawmakers about OpenAI’s defense work
Technology

Sam Altman faced ‘serious questions’ in meeting with lawmakers about OpenAI’s defense work

OpenAI CEO Sam Altman speaks during the BlackRock Infrastructure Summit on March 11, 2026 in Washington, DC. Anna Moneymaker | Getty Images OpenAI CEO Sam Altman met with a handful of lawmakers in Washington, D.C. where Sen. Mark Kelly, D-Ariz., said he raised some “serious questions” about the company’s approach to warfare and its recent […]

Read More
Adobe CEO Shantanu Narayen says he will step down after company installs successor
Technology

Adobe CEO Shantanu Narayen says he will step down after company installs successor

Adobe said CEO Shantanu Narayen will step down after a successor has been appointed, and he will remain as the design software company’s chair. Shares tumbled 7% in extended trading. Narayen joined Adobe in 1988 as a vice president and general manager, and he became CEO in 2007. Under Narayen, Adobe pushed from software licenses […]

Read More
Microsoft top Office executive Rajesh Jha retiring after more than 35 years
Technology

Microsoft top Office executive Rajesh Jha retiring after more than 35 years

Rajesh Jha, executive vice president of experiences and devices at Microsoft Corp., speaks at the Microsoft Build event in Seattle, Washington, US, on Tuesday, May 21, 2024. The event allows attendees to grow their skills in topics such as building copilots, generative AI, securing applications, cloud platforms, and low-code. Chona Kasinger | Bloomberg | Getty […]

Read More
Powered by WordPress | WP Magazine by WP Mag Plus