FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
FIRESTARTER Backdoor Hit Federal Cisco Firepower Device, Survives Security Patches
24 April 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has revealed that an unnamed federal civilian agency's Cisco Firepower device running Adaptive Security Appliance (ASA) software was compromised in September 2025 with malware called FIRESTARTER.
FIRESTARTER, per CISA and the U.K.'s National Cyber Security Centre (NCSC), is assessed to be a backdoor designed for remote access and