InfoSecBulletin Cybersecurity for mankind
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a new flaw in F5 BIG-IP systems to its Known Exploited Vulnerabilities (KEV) list. They warned that this flaw is being used in real-world attacks.
The vulnarability, known as CVE-2025-53521, was officially noted on March 27, 2026, and federal agencies must fix it by March 30, 2026.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CVE-2025-53521 is described as an unspecified vulnerability within F5 BIG-IP Access Policy Manager (APM) that could allow remote code execution (RCE).
F5 BIG-IP Vulnerability Exploited
CISA added the vulnerability to the KEV catalog, meaning that attackers are using it already. There isn’t any proof connecting this flaw to ransomware yet, but the agency pointed out that flaws that allow RCE are often used in attacks afterward, like moving around networks and stealing data.
CISA has ordered Federal Civilian Executive Branch (FCEB) agencies to use vendor fixes right away or stop using affected systems if there are no patches or workarounds.
The directive falls under Binding Operational Directive (BOD) 22-01, which mandates the rapid remediation of vulnerabilities listed in the KEV catalog.
F5 has unveiled guidelines to fix the problem, and companies should quickly follow the official steps to reduce risk. Security teams need to check logs and watch for signs of a breach, especially strange admin actions or unauthorized changes in BIG-IP systems.
The quick addition of CVE-2025-53521 to the KEV list shows that attackers are still going after edge devices and network parts.
These systems are often at important points in businesses, making them valuable targets for getting in and staying in. Organizations that use F5 BIG-IP products should treat this vulnerability as a serious threat and take action right away to reduce possible harm.
