<![CDATA[⚠️ CRITICAL: FIRESTARTER Backdoor]]>

️ CRITICAL: FIRESTARTER Backdoor

APT actors deployed FIRESTARTER, a persistent Linux backdoor on Cisco Firepower and Secure Firewall devices via CVE-2025-20333 and CVE-2025-20362. The malware survives firmware patches and works with LINE VIPER to maintain remote access. Any organization running these devices is at risk of undetect…

Urgent Threats & Advisories | ThreatNoir

Active and archived urgent security threats, CVEs, and advisories for SOC teams and threat hunters.

(threatnoir.com)

#infosec #cybersecurity

]]>https://board.circlewithadot.net/topic/f5bb6464-5749-48b1-a31c-de7f147119e8/critical-firestarter-backdoorRSS for NodeMon, 25 May 2026 11:25:51 GMTSat, 25 Apr 2026 15:09:49 GMT60