Researchers are reporting mass scanning for and in-the-wild exploitation of a critical-severity flaw in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure. Earlier in March, F5 issued a patch for the flaw, which has a CVSS rating of 9.8 and exists in the iControl REST interface. The scenario is particularly urgent as F5 provides enterprise networking to some of the largest tech companies in the world, including Facebook, Microsoft and Oracle.
Source: https://threatpost.com/critical-f5-big-ip-flaw-now-under-active-attack/164940/