U.S. cybersecurity firm F5 saw its stock drop 10% on Thursday, marking its steepest decline since April 27, 2022, after revealing a major system breach involving what it described as a “highly sophisticated nation-state threat actor.”

In a Securities and Exchange Commission (SEC) filing made Wednesday, F5 confirmed that the cyberattack granted the intruder long-term access to portions of its systems, specifically targeting the BIG-IP product development environment. The attacker reportedly accessed source code files and details about undisclosed vulnerabilities within BIG-IP, one of F5’s core networking and security solutions.

According to a Bloomberg report, the breach has been attributed to hackers linked to the Chinese government, citing individuals familiar with the investigation.

F5 stated that it first became aware of the intrusion in August and has since taken steps to secure its systems. The company emphasized that, so far, there is no evidence of ongoing unauthorized activity or customer data compromise.

The incident underscores the growing threat of state-backed cyberattacks targeting U.S. technology and infrastructure firms, including those within the cybersecurity sector itself — a troubling irony that highlights the escalating sophistication of global cyber espionage campaigns.