The NCSC has issued an urgent alert regarding CVE-2025-53521, an actively exploited, unauthenticated remote code execution vulnerability in F5 BIG-IP Access Policy Manager (APM). Organizations are strongly advised to investigate for compromise using vendor-provided indicators, apply updates immediately, and potentially rebuild affected systems if evidence of compromise is found.