Thousands of networks—many of them operated by the US government and Fortune 500 companies—face an “imminent threat” of being breached by a nation-state hacking group following the breach of a major maker of software, the federal government warned on Wednesday.

F5, a Seattle-based maker of networking software, disclosed the breach on Wednesday. F5 said a “sophisticated” threat group working for an undisclosed nation-state government had surreptitiously and persistently dwelled in its network over a “long term.” Security researchers who have responded to similar intrusions in the past took the language to mean the hackers were inside the F5 network for years.

Unprecedented

During that time, F5 said, the hackers took control of the network segment the company uses to create and distribute updates for BIG IP, a line of server appliances that F5 says is used by 48 of the world’s top 50 corporations. Wednesday’s disclosure went on to say the threat group downloaded proprietary BIG-IP source code information about vulnerabilities that had been privately discovered but not yet patched. The hackers also obtained configuration settings that some customers used inside their networks.

Control of the build system and access to the source code, customer configurations, and documentation of unpatched vulnerabilities has the potential to give the hackers unprecedented knowledge of weaknesses and the ability to exploit them in supply-chain attacks on thousands of networks, many of which are sensitive. The theft of customer configurations and other data further raises the risk that sensitive credentials can be abused, F5 and outside security experts said.

Customers position BIG-IP at the very edge of their networks for use as load balancers and firewalls, and for inspection and encryption of data passing into and out of networks. Given BIG-IP’s network position and its role in managing traffic for web servers, previous compromises have allowed adversaries to expand their access to other parts of an infected network.

F5 said that investigations by two outside intrusion-response firms have yet to find any evidence of supply-chain attacks. The company attached letters from firms IOActive and NCC Group attesting that analyses of source code and build pipeline uncovered no signs that a “threat actor modified or introduced any vulnerabilities into the in-scope items.” The firms also said they didn’t identify any evidence of critical vulnerabilities in the system. Investigators, which also included Mandiant and CrowdStrike, found no evidence that data from its CRM, financial, support case management, or health systems was accessed.

The company released updates for its BIG-IP, F5OS, BIG-IQ, and APM products. CVE designations and other details are here. Two days ago, F5 rotated BIG-IP signing certificates, though there was no immediate confirmation that the move is in response to the breach.

The pulp and paper industry consumes large amounts of energy. But despite stricter EU requirements for efficiency improvements, there has been no way to measure and compare energy consumption between different companies in a fair way. In collaboration with the Swedish Environmental Protection Agency, researchers at Linköping University, Sweden, now present a solution that has great potential to be used throughout the EU.

“Even if this would contribute to increasing efficiency by one or a few percent only, this involves so much energy that it can make a huge difference,” says Kristina Nyström, Ph.D. student at the Department of Management and Engineering at Linköping University.

Globally, the pulp and paper industry accounts for 4% of energy used by the industrial sector. Through its Industrial Emissions Directive, the EU has set efficiency requirements for the industrial sector to reduce climate impact. An important tool for this is to make comparisons between factories within an industry—so-called benchmarking.

“But this has not been possible in the paper industry, because the mills have been so different that comparable results have not been achieved,” Kristina Nyström explains.

Therefore, the Swedish Environmental Protection Agency, assisted by Linköping University and Chalmers Industriteknik and in consultation with the paper industry, has developed a calculation method to enable comparisons. The method, which is presented in an article published in the journal Applied Energy, has great potential to be used throughout the EU, according to Olof Åkesson, former Swedish Environmental Protection Agency employee, who initiated the project.

The solution is to divide paper production into standardized processes such as actual pulp production, dissolution of purchased pulp, drying of pulp or paper production. These processes are common to enough mills for comparisons to be meaningful. In this way, companies can discover what in their processes works less efficiently compared to others, where improvements can be made and which actions would be most beneficial.

In addition, this method allows for more measures to be included in the energy efficiency efforts. One example is that companies are credited with the residual heat from manufacturing that is used in the surrounding community, such as the heating of homes or greenhouses.

Should this method gain ground, it could contribute to a changed approach to energy efficiency. At present, public agencies’ demands for energy audits often focus on details, which risks significant efficiency measures being overlooked.

“The benefit of making the pulp and paper industry more efficient is that this can reduce the use of fossil fuels and release raw materials, biofuels and electricity for other purposes,” says Åkesson.

With the involvement of researchers, public agencies and companies in the pulp and paper industry, chances are high that the method was designed in a way that is useful in practice. The collaboration between organizations can serve as a model for other industries wanting to develop their own measurement methods, according to Nyström.

Several companies that tested the measurement method have been positive, and it now needs to be spread and tested on a larger scale, the researchers say. The Swedish Environmental Protection Agency is working to develop the model, now also in dialog with public agencies and the pulp and paper industry in Finland.

Cutting planet-warming pollution to near-zero will take more than inventing new clean technologies—it will require changing how the world invests in them. That’s especially true for industries like aviation, where developing and adopting greener solutions is risky and expensive, according to a University of California San Diego commentary piece in Science.

The paper calls for smarter ways of managing investment risk that could help speed up the shift toward cleaner air travel and other hard-to-decarbonize sectors.

“The aviation sector—a fast-growing source of greenhouse gases—illustrates the broader challenge of industrial decarbonization: too little investment in technologies that could yield the biggest climate benefits,” said the paper’s co-author David G. Victor, professor of innovation and public policy at the UC San Diego School of Global Policy and Strategy and co-director of the Deep Decarbonization Initiative.

The piece outlines a new approach that could help guide a coalition of research and development (R&D) programs alongside investors and airlines seeking to deploy new technologies to curb carbon emissions from the aviation industry.

“Despite all the chaos in global geopolitics and climate policies these days, there are large and growing pools of capital willing to take risks on clean technology,” Victor said. “What’s been missing is a framework to guide that capital to the riskiest but most transformative investments.”

He added that investors and research managers tend to focus on familiar, lower-risk projects like next-generation jet engines or recycled-fuel pathways.

“But getting aviation and other hard-to-abate sectors to near-zero emissions means taking on bigger risks with technologies and new lines of business that will be highly disruptive to the existing industry. Investors and airlines need to find smarter ways to encourage and manage these disruptive investments,” Victor said.

In the article, Victor and co-authors call for a more realistic framework to guide both research funding and private investment.

They propose a tool called an Aviation Sustainability Index (ASI)—a quantitative method to assess how different technologies or investments could help decouple emissions from growth in air travel.

The approach is designed to help investors distinguish between projects that only modestly improve efficiency and those that could significantly transform the sector’s climate impact.

The authors note that while roughly $1 trillion is expected to flow into aviation over the next decade, most of that money will simply make aircraft slightly more efficient. Few investors, they argue, have clear incentives to back the kind of breakthrough technologies—such as hydrogen propulsion, advanced aircraft designs, or large-scale sustainable fuel systems—that could substantially reduce emissions.

“Cleaner flight is possible, but it requires changing how we think about both risk and return,” Victor said. “We need new institutions, incentives, and partnerships that reward innovation, not just incrementalism.”

The commentary, written by a multinational team of scholars, also highlights a broader lesson for climate policy: global decarbonization goals such as “net zero by 2050” sound bold and ambitious. But when it becomes clear that they can’t be met, these goals make it harder to focus on the practical steps needed today to drive change in real-world markets.

Ultimately, the paper argues for action that begins now. By developing better tools to evaluate climate-friendly investments and by rewarding companies willing to take calculated risks on breakthrough technologies, governments, investors and industry leaders can accelerate real progress toward decarbonization.

The paper was co-authored by Thomas Conlon of University College Dublin, Philipp Goedeking of Johannes Gutenberg University of Mainz (Germany) and Andreas W. Schäfer of University College London.