News from today:
- F5 breach – it’s bad (really bad). F5, a cybersecurity provider in the US, appears to have been breached by state-backed hackers from China for at least a year. … nation-state hackers had breached its networks and gained “long-term, persistent access” to certain systems. The intruders stole files including portions of source code from the company’s BIG-IP suite of application services, which are widely used by Fortune 500 companies and government agencies, as well as details about some flaws that could be used to target the company’s customers. Representatives for F5 have told customers that the hackers were in the company’s network for at least 12 months. A spokesperson for the China Foreign Ministry denied such activity. Bloomberg
- ColorTokens and SMX for federal government push. ColorTokens announced a strategic partnership with SMX to help federal agencies embrace zero trust across IT and OT environments. ColorTokens Xshield delivers agentless, software-defined microsegmentation that protects OT and critical infrastructure environments from lateral movement and cyberattacks. By combining Xshield’s fine-grained visibility and control with SMX’s Elevate FedRAMP solution, federal agencies can deploy and scale Zero Trust protections faster and more cost-effectively. ColorTokens
- Additional support for Linux and Mac in OneSite Patch. Adaptiva announced expanded support for Linux distributions and the latest versions of Mac and Windows, hence giving organizations unified patch management capabilities. The update introduces native patching support for major Linux distributions, including AlmaLinux, Rocky Linux, and Oracle Linux. It also includes enhanced coverage for Debian 13, Red Hat Enterprise Linux 10, the newest version of macOS 26 (Tahoe) and Windows Server. Adaptiva also added 100 new third-party applications to its patch catalog, including popular tools like Claude, WhatsApp, and Zoom. This brings the company’s total catalog to more than 100,000 patches and 20,000 supported libraries and products. Adaptiva
- Sectigo’s India commitment. Sectigo reaffirmed its commitment to India as a growth market, and announced a new partnership with Indusface, an Indian firm with expertise in application security and SSL. Indusface customers now have access to Sectigo Certificate Manager (SCM), enabling simplified automated certificate management, stronger compliance and future-ready scalability as organizations prepare for shortened SSL/TLS certificate lifespans by 2029 and the transition to post-quantum cryptography by 2030. Sectigo is also hosting an event in Mumbai on November 7, re the shortening lifespan of digital certificates. Sectigo