New Cisco firewall malware can only be killed by pulling the plug
Suspected state-sponsored attackers are using a custom backdoor to persistently compromise Cisco security devices (firewalls), the US CISA and the UK National Cyber Security Centre warned on Thusday. “The [Firestarter] malware (…) is relevant for both Cisco Firepower and Secure Firewall devices; how
ORIGINAL SOURCE →via Help Net Security
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] Hackers Exploit Agent ID Administrator Role to Hijack Service Principals
- [CYBER] US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor
- [CYBER] CVE-2026-41044 - Apache ActiveMQ, Apache ActiveMQ Broker, Apache ActiveMQ All: Authenticated user can perform RCE via DestinationView MBean exposed by Jolokia
- [CYBER] CVE-2026-41043 - Apache ActiveMQ, Apache ActiveMQ Web: ActiveMQ Web Console - XSS vulnerability when browsing queues
- [CYBER] CVE-2026-40466 - Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Possible bypass of CVE-2026-34197 via HTTP discovery second-stage URI
- [CYBER] CVE-2025-62233 - Apache DolphinScheduler: Deserialization of untrusted data in RPC