Cisco
Operation Zero Disco exploits Cisco SNMP flaw for rootkits
AI에 의해 보고됨 AI에 의해 생성된 이미지
Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.
Cisco Talos has detailed how a Chinese-linked group is exploiting an unpatched zero-day in email security appliances since late November 2025, deploying backdoors and log-wiping tools for persistent access.
AI에 의해 보고됨
Cybersecurity firm Trend Micro has revealed Operation Zero Disco, a campaign exploiting a critical Cisco SNMP flaw to install rootkits on network devices. The attack targets older switches, enabling persistent access and evasion of detection. As of October 2025, it has compromised enterprise networks reliant on legacy infrastructure.