Cisco

Follow
Illustration of a cyber attack on Cisco devices, showing analysts monitoring screens with code and warnings in a dark operations room.
Image generated by AI

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Reported by AI Image generated by AI

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Chinese hackers install backdoors via Cisco email zero-day

Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.

Cisco SNMP vulnerability exploited to deploy Linux rootkits

Reported by AI

Cybersecurity firm Trend Micro has revealed Operation Zero Disco, a campaign exploiting a critical Cisco SNMP flaw to install rootkits on network devices. The attack targets older switches, enabling persistent access and evasion of detection. As of October 2025, it has compromised enterprise networks reliant on legacy infrastructure.

October 02, 2025 01:28

Cisco firewalls face widespread vulnerability risk

This website uses cookies

We use cookies for analytics to improve our site. Read our privacy policy for more information.
Decline