Skip to content
The Nexus
SECURITYApr 23 · 20:25 UTCCYBERSCOOPGreg Otto

US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied

US and UK cybersecurity agencies warned that a state-sponsored hacking group has deployed a persistent backdoor called Firestarter on Cisco firewalls, which can survive firmware updates and reboots. The malware, linked to threat actor UAT-4356, exploits vulnerabilities patched in September 2025 and has prompted an emergency directive for federal agencies to audit Cisco infrastructure.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this