The FCC has added all new foreign-made consumer routers to its Covered List, blocking their import and sale in the United States after a White House-led interagency review found they pose an unacceptable national security and public safety risk. U.S. officials said overseas-manufactured routers could be exploited to disrupt the economy, critical infrastructure, and national defense, and linked the concern to activity associated with Volt Typhoon, Flax Typhoon, and Salt Typhoon, which have targeted U.S. networks and infrastructure.
The restrictions apply to new devices rather than routers already authorized for sale, meaning existing products can continue to be imported, sold, and used for now. Foreign manufacturers may still seek approval, but must provide detailed disclosures on ownership, supply chains, software and firmware provenance, and any plans to shift critical component production to the United States. The move is expected to tighten availability of new router models and raise costs, while critics argue it does not solve broader router security problems such as insecure firmware, weak patching, compromised update systems, and supply-chain exposure that can persist regardless of where hardware is assembled.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
9 events from the most recent confirmed update back to the earliest known activity.
On 2026-05-09, the FCC extended temporary waivers allowing certain already authorized foreign-made consumer routers, drones, and drone components on the Covered List to keep receiving software and firmware updates until at least January 1, 2029. The agency said blocking patches could create cybersecurity, compatibility, and operational risks for millions of deployed devices, and also expanded the waiver to cover some Class II permissive changes.
By April 28, 2026, Amazon had reportedly obtained an exemption from the FCC's foreign-made router restrictions, allowing its Eero consumer routers and Leo low Earth orbit routers to continue being sold or operated in the U.S. The report said neither Amazon nor the FCC disclosed the criteria or conditions for the waiver.
By April 24, 2026, the FCC said its March 24 restrictions on new foreign-made consumer routers also apply to residential mobile hotspot devices and LTE/5G customer premises equipment using cellular connectivity. The agency said the clarification was not retroactive to previously authorized models and noted limited conditional approvals for some vendors through October 1, 2027.
By April 6, 2026, the FCC had proposed expanding its restrictions to prohibit the importation and marketing of previously authorized products from companies on its Covered List, including Huawei, Hikvision, Dahua, Hytera, and ZTE. The proposal would extend beyond routers to products such as mobile phones and cameras, while not affecting devices already owned by Americans.
In coverage published on March 26, 2026, the FCC's March 24 order was described as allowing software and firmware updates for already authorized routers only through at least March 1, 2027. The report said this raised concerns that many currently sold routers could stop receiving security patches after that date.
As part of the March 24, 2026 action, the FCC said already authorized routers may continue to be imported, sold, and used, while manufacturers may seek exemptions through extensive disclosures. It also granted conditional approval for certain routers used by the Department of War or DHS in drone systems and allowed UAS-related software and firmware updates through at least January 1, 2027.
On March 24, 2026, the FCC updated its Covered List to ban new foreign-made consumer routers from being imported into and sold in the United States. The agency said the move was based on supply-chain and security concerns, including prior abuse of such devices by groups such as Volt Typhoon, Flax Typhoon, and Salt Typhoon.
On March 20, 2026, a White House-led Executive Branch interagency body determined that consumer routers manufactured in foreign countries pose an unacceptable national security and public safety risk. The assessment cited potential impacts on the U.S. economy, critical infrastructure, national defense, and harm to U.S. persons.
On or before March 2, 2026, the FCC voted to end automatic blanket Section 214 authorizations for domestic carriers, saying the loophole could allow Covered List entities such as Huawei and ZTE to provide domestic interstate telecom services without individual review. The agency framed the move as a national security measure and said it was also considering revoking existing blanket authorizations and requiring approval before carriers interconnect with Covered List entities.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
39 references tracked. Mallory keeps watching after this page renders.
bankinfosecurity.com
Open sourcegovinfosecurity.com
Open sourcearstechnica.com
Open sourcetherecord.media
Open sourcefoxbusiness.com
Open sourcesdxcentral.com
Open sourcesdxcentral.com
Open sourcesdxcentral.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.