Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now F5 Networks has reclassified a BIG-IP APM vulnerability from DoS to critical remote code execution (CVE-2025-53521) after discovering attackers are exploiting it to deploy webshells on unpatched devices. F5 and CISA have issued advisories with IOCs and urgent patching guidance while Shadowserver reports over 240,000 BIG-IP instances exposed online. #BIGIPAPM #CVE-2025-53521

F5 reclassifies BIG-IP APM flaw CVE-2025-53521 from DoS to critical RCE after active exploitation deploying webshells on unpatched devices. Over 240K instances exposed online. #BIGIPAPM #RemoteCodeExecution #USA