Brickstorm

F5 shares plummeted 10% after disclosing a security breach by a suspected Chinese nation-state actor who gained prolonged access to internal systems. The attacker accessed proprietary source code and information about undisclosed vulnerabilities in F5’s BIG-IP product, impacting its product development environment. While F5 claims no active exploitation of undisclosed vulnerabilities, the breach, spanning at least 12 months, raises concerns about data exfiltration. CISA issued an emergency directive, and the UK’s NCSC published guidance, reflecting the breach’s global implications. The malware used, Brickstorm, is linked to a China-nexus threat actor.