In October 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive ED 26-01. It requires federal agencies to mitigate vulnerabilities in F5 BIG-IP devices because attackers could potentially use exposed proprietary source code to exploit unpatched F5 systems.

Following our standard vulnerability monitoring policy, we reviewed the CISA advisory and confirmed that no Articulate services rely on F5 network devices. Articulate products don't use F5 BIG-IP hardware or software.

Articulate systems remain secure and unaffected by the F5 breach. No customer data has been compromised.

We take security seriously at Articulate. If you have any questions, contact us at security@articulate.com. For more information about our security efforts, visit our Trust Center.