Vulnerability
Operation Zero Disco exploits Cisco SNMP flaw for rootkits
Lisa Kern | Image generated by AI
Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.
CISA confirms Linux kernel flaw exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that a high-severity privilege escalation vulnerability in the Linux kernel, known as CVE-2024-1086, is now being exploited by ransomware gangs. The flaw, a use-after-free issue in the netfilter: nf_tables component, was introduced in February 2014 and patched in January 2024. It affects major Linux distributions including Debian, Ubuntu, Fedora, and Red Hat.
Cisco SNMP vulnerability exploited to deploy Linux rootkits
Reported by AI
Cybersecurity firm Trend Micro has revealed Operation Zero Disco, a campaign exploiting a critical Cisco SNMP flaw to install rootkits on network devices. The attack targets older switches, enabling persistent access and evasion of detection. As of October 2025, it has compromised enterprise networks reliant on legacy infrastructure.
Unity game engine vulnerability affects Android, Linux, macOS and Windows
A serious security flaw in the Unity game engine runtime allows attackers to execute malicious code on multiple platforms. Microsoft has warned users of affected apps and games, recommending immediate uninstallation until patches are available. The vulnerability, rated high risk with a CVSS score of 8.4, impacts software built with Unity Editor version 2017.1 or newer.
PoC exploit released for Linux-PAM vulnerability allowing root escalation
A high-severity vulnerability in the Linux Pluggable Authentication Modules framework, identified as CVE-2025-8941, enables local attackers to gain root privileges through symlink attacks and race conditions. Security researchers have released a proof-of-concept exploit, highlighting risks to Linux systems. The flaw affects multiple distributions and requires immediate patching.
CISA warns of exploited high-severity Windows SMB flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity vulnerability in Windows SMB that is now being exploited in attacks. Windows users are urged to update their systems immediately to mitigate the risk. The alert emphasizes the need for prompt action against this security threat.