Skip to content
The Nexus
DossierENTITY

UAT-4356

Coverage of UAT-4356 in the Nexus archive.

Earliest in view: Apr 23 · 20:25 UTCMost recent: Apr 23 · 20:25 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYApr 23 · 20:25 UTCCYBERSCOOP
    US, UK agencies warn hackers were hiding on Cisco firewalls long after patches were applied

    US and UK cybersecurity agencies warned that a state-sponsored hacking group has deployed a persistent backdoor called Firestarter on Cisco firewalls, which can survive firmware updates and reboots. The malware, linked to threat actor UAT-4356, exploits vulnerabilities patched in September 2025 and has prompted an emergency directive for federal agencies to audit Cisco infrastructure.

UAT-4356 · Dossier · The Nexus