Platforms Enterprise It SecurityControl

F5 BIG IP APM remote code execution under active exploitation

March 30, 2026BleepingComputer, Qualys, Eduard Kovacs

BleepingComputer, Qualys, and others warn that a critical F5 BIG-IP Access Policy Manager flaw has been reclassified as remote code execution and is being actively exploited, pushing urgent patching and exposure reduction.

Open in PulseSee the full expert discussion →

QUOTES

Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now

CISA has added a critical vulnerability in F5 BIG-IP Access Policy Manager to its Known Exploited Vulnerabilities catalog.

Tracked as CVE-2025-53521, this flaw allows for remote code execution and is currently seeing active exploitation.

Over 14,000 BIG-IP APM instances are exposed to ongoing attacks exploiting a critical-severity remote code execution (RCE) vulnerability

VOICES

BleepingComputer

Qualys

Eduard Kovacs

RELATED TERMS

rce vulnerabilitypatchingedge appliancecode executionremote coderce vulnerability

OTHER FINDINGS IN PLATFORMS ENTERPRISE IT SECURITY

Claude Code source exposure via npm source map file Google post-quantum cryptography migration timeline moved up to 2029 Axios supply chain compromise response, rebuild and rotate credentials guidance

AMYGDALA PULSE

See what experts are saying right now

This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.

Open Cyber Security Pulse Browse all topics

← Back to Cyber Security