CISA added CVE-2025-53521 (F5 BIG-IP Remote Code Execution) to the Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. This vulnerability is subject to BOD 22-01 remediation requirements for Federal Civilian Executive Branch agencies, and CISA urges all organizations to prioritize patching as part of vulnerability management practices.

CISA and the U.K. NCSC reported that an unnamed U.S. federal civilian agency's Cisco Firepower ASA device was compromised in September 2025 with a new backdoor malware called FIRESTARTER designed for remote access. This incident represents a serious compromise of critical infrastructure security at the federal level.

South Korean carried out large-scale violence against Civilian in Seoul [8 sources]