In Case You Missed It:  CISA Tells Fed Agencies to Take Action on F5 Compromise, Foreign Foes Use AI to Attack US Interests, A Study Shows Modernization’s Importance to Strategic Goals

Last week, an urgency centered around addressing an F5 compromise with CISA issuing a directive spelling out what federal agencies must do. Foreign adversaries upped the use of AI to attack the US. And, SAP issued patches for a baker’s dozen of vulnerabilities, one of them critical.

F5 Compromise Requires Urgent Action, CISA Says

The compromise of F5’s systems and the exfiltration of files, including some of its BIG-IP source code and vulnerability information, set off alarm bells throughout the federal government ecosystem and beyond, prompting Cybersecurity and Infrastructure Security Agency (CISA) to issue a directive for agencies to take prompt action to mitigate the risk. CISA is rightfully concerned that the China-affiliated cyber threat actor responsible could use the proprietary source code to exploit the F5 devices and software used throughout the federal government and other organizations. CISA offered specific instructions to agencies, including taking an inventory of potentially affected devices and apps, patching them, and sunsetting those at their end of life.

Foreign Adversaries Using AI to Craft Attacks Against US

A familiar cohort of nation-state foes—Russia, China, Iran and North Korea—have stepped up using artificial intelligence for deception and cyberattacks against the United States, Microsoft research shows, with more than 200 instances of foreign government-affiliated actors creating fake online content using AI. That’s twice as many instances than were reported in 2024 and a clear indication that those adversaries are tapping new technology to craft attacks against the US government, critical infrastructure, and private enterprise.

Iranian Operatives May Have Hacked Bolton’s Email

The indictment of former national security adviser and Trump foe John Bolton for mishandling classified information revealed that the Justice Department believes Iranian hackers were able to get into former national security advisor John Bolton’s email and threaten to make public sensitive information. A representative of Bolton reported to the FBI in the summer of 2021 that “a cyber actor believed to be associated with the Islamic Republic of Iran” had hacked Bolton’s email. Bolton has pleaded not guilty to mishandling classified material.

SAP Patches 13 Bugs, One Critical

Among the 13 vulnerabilities patched by SAP last week is a critical deserialization vulnerability in SAP NetWeaver with a 10.0 rating. The bug makes it possible for an unauthenticated attacker to do an arbitrary OS command execution. That could be a threat to the confidentiality, integrity, and availability of an application. The flaw, CVE-2025-42944, would let an attacker bypass login requirements and take complete control of vulnerable servers.

Half of Geostationary Satellite Communicates Carry Unencrypted Data

It only took $600 worth of equipment, available to consumers, for researchers to build a listening station capable of intercepting signals around the world and discover that half of geostationary satellite communications transmit unencrypted traffic. That unprotected data includes phone calls, texts, login credentials, banking data, military operations, and critical infrastructure. The report contends the situation is intentional and not likely to be remedied due to economics.

Modernization Key to Achieving Long-term Strategic Goals

Modernizing banking operations is now imperative. Trusted legacy systems and processes while still valuable will become liabilities if banks don’t bridge the widening gap between what their technology delivers today and the seamless, secure real-time experiences that what business and the market now demand. The bulk of banking executives (86 percent) say modernization is either very important or critical to achieving their long-term strategic goals. They are striving to close gaps by modernizing platforms, enhancing data capabilities, and delivering digital experiences that restore harmony in the money lifecycle, according to the 2025 Global State of Bank Modernization & Technology survey conducted in April 2025 by TechStudio^TM, an Energize Marketing^® company, in partnership with FIS^®.