CISA and the U.K. NCSC reported that an unnamed U.S. federal civilian agency's Cisco Firepower ASA device was compromised in September 2025 with a new backdoor malware called FIRESTARTER designed for remote access. This incident represents a serious compromise of critical infrastructure security at the federal level.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability in Ivanti Endpoint Manager Mobile to its catalog of known exploited vulnerabilities, citing active exploitation in the wild. The flaw allows improper input validation and poses significant risk to federal networks and critical infrastructure; federal agencies are required to remediate by specified deadlines.