China-Linked Hackers Breach U.S. Cybersecurity Firm F5 in Year-Long Attack

U.S.-based cybersecurity company F5 has confirmed a major security breach allegedly carried out by state-backed hackers from China, according to reports from Bloomberg and Reuters. The hackers are believed to have maintained access for more than a year, compromising systems that support F5’s widely used security products.

While F5 said its operations remain unaffected, the company has notified key customers who may have been impacted. CEO Francois Locoh-Donou is personally overseeing briefings with clients, and external cybersecurity experts have been brought in to assist with the investigation.

The attack reportedly targeted vulnerabilities in F5’s software and networking tools, which are used by major corporations and government agencies worldwide. The breach raises concerns about potential data exposure and exploitation risks for organizations relying on F5’s infrastructure.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued alerts, warning that the same weaknesses could be exploited in other networks. While no widespread service disruption has been reported, the incident underscores the growing sophistication of nation-state cyberattacks and the challenges even top security firms face in defending their own systems.

Experts say the F5 breach highlights a troubling trend: cybersecurity vendors themselves are becoming high-value targets, as attackers seek access to the defenses that protect critical infrastructure.