F5 BIG-IP Breach: What OT Leaders Need to Know and Do Now

**Executive summary:** An advanced state-sponsored adversary reportedly obtained parts of F5 BIG-IP source code and vulnerability/customer implementation details, increasing the risk that attackers could target BIG-IP devices that broker access to OT environments; this may enable policy manipulation, credential/API key misuse, traffic interception, and other actions against operational systems. Dragos recommends focused monitoring, targeted hunts, prioritized remediation, and provides detections, IOCs, and playbooks to help defenders identify and mitigate OT/ICS exposure.