Tuesday , July 14 2026
14,000 BIG-IP APM

14,000+ F5 BIG-IP APM instances still exposed on internet

Shadowserver has found more than 14,000 BIG-IP APM instances visible on the internet during ongoing attacks that use a remote code execution (RCE) weakness. BIG-IP APM is F5’s centralized access management proxy solution designed to help admins secure access to their organizations’ networks, cloud, applications, and application programming interfaces (APIs).

Meta’s louisiana data center to exceed 250 billion price tag

Meta announced on Monday that its data center in Richland Parish, Louisiana, will grow to 5 gigawatts of computing power....
Read More
Meta’s louisiana data center to exceed 250 billion price tag

Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Global ransomware attacks stayed very high in the first seven months of 2026. There were 5,064 confirmed victims in 135...
Read More
Ransomware Crisis in 2026: 5,064 Organizations Affected in 135 Countries

Palo Alto Networks Addresses 13 Vulnerabilities

Palo Alto Networks shared warnings on Wednesday about over twelve security issues in its products. The new warnings include 13 security...
Read More
Palo Alto Networks Addresses 13 Vulnerabilities

Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

A critical flaw with how Dell saves BIOS passwords lets anyone quickly recover these passwords from a flash dump without...
Read More
Critical Dell BIOS & Zimbra Flaws Expose Enterprise Systems

CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

CoLoCity is proud to launch a new Data Center in Gulshan-2. It is designed to meet the growing demand for...
Read More
CoLoCity Launches New 1.0 MW Data Center Facility at Gulshan

Daily Cyber security update for 10. 07. 2026

Cyberattacks are rising around the world, including ransomware, malware, data leaks, and hacked websites. These events show how complex and...
Read More
Daily Cyber security update for 10. 07. 2026

How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

A major AWS attack shows how attackers with AI can connect known cloud strategies to go from first access to...
Read More
How Hacker Compromise AWS Cloud Environment Using AI in 72 Hours

Mycelium Framework: First AI-as-a-Service Botnet

A new cybercrime ad is catching attention in the security world. It talks about a botnet that doesn't just get...
Read More
Mycelium Framework: First AI-as-a-Service Botnet

CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

CrowdStrike has shared five new ways to inject prompts, showing the rising danger to AI agents as more organizations use...
Read More
CrowdStrike Shows 5 New Prompt Injection Techniques for AI Agents

Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

A critical flaw in Google Cloud Platform’s Dialogflow CX lets attackers add harmful code to a company's AI chatbot system....
Read More
Critical GCP Dialogflow Vulnerability Allows Malicious Code Injection

This flaw is 5 months old and named CVE-2025-53521. It was announced in October as a denial-of-service (DoS) problem. It was changed to an RCE bug over the weekend.

“Due to new information obtained in March 2026, the original vulnerability is being re-categorized to an RCE. The original CVE remediation has been validated to address the RCE in the fixed versions. We have learned that this vulnerability has been exploited in the vulnerable BIG-IP versions,” F5 warned in a Sunday advisory update.

There is no known number of BIG-IP APM setups on the Internet that have vulnerable misconfigaration. Shadowserver, a non-profit that monitors online threats, said on Wednesday that it now sees more than 17,100 IP addresses with BIG-IP APM signs.

More than 14,000 BIG-IP APM systems are still at risk of CVE-2025-53521 attacks, says Shadowserver. This is despite the U.S. Cybersecurity and Infrastructure Security Agency (CISA) telling federal agencies to fix their BIG-IP APM systems by midnight on Monday after naming the issue a serious threat on Friday.

F5 warns to check logs, and terminal history of BIG-IP devices for any bad activity. It also offers advice on what to do if you find signs of compromise, like rebuilding the affected systems completely.

“If customers do not know exactly when the system was compromised, user configuration set (UCS) backups may have been created after the compromise occurred,” the company said. “F5 strongly recommends that customers rebuild the configuration from a known good source because UCS files from compromised systems can contain persistent malware.”

F5 offers cybersecurity, application delivery networking (ADN), and other services to over 23,000 customers, including 48 of the biggest 50 companies.

In recent years, vulnerabilities in BIG-IP have been targeted by both nation-state and cybercrime threat groups to breach corporate networks, hijack devices, deploy data-wiping malware, map internal servers, and steal sensitive data.

Check Also

Wazuh

Critical Wazuh Vuln Enables Alert Tampering and Evidence Deletion

A critical security flaw has affected the open-source security community. Recently, complete details and working …