CISA and the U.K. NCSC reported that an unnamed U.S. federal civilian agency's Cisco Firepower ASA device was compromised in September 2025 with a new backdoor malware called FIRESTARTER designed for remote access. This incident represents a serious compromise of critical infrastructure security at the federal level.

CISA added CVE-2025-53521 (F5 BIG-IP Remote Code Execution) to the Known Exploited Vulnerabilities Catalog based on evidence of active exploitation. This vulnerability is subject to BOD 22-01 remediation requirements for Federal Civilian Executive Branch agencies, and CISA urges all organizations to prioritize patching as part of vulnerability management practices.

US and Iranian forces clashed at the Strait of Hormuz late Thursday, trading strikes on ships and, according to Iran, civilian areas — the sharpest escalation since the two countries entered a ceasefire roughly a month ago. Trump insists the ceasefire remains intact, while Iranian state media says the situation has returned to normal, though both sides blame the other for firing first.