Vulnerability
Operation Zero Disco exploits Cisco SNMP flaw for rootkits
Lisa Kern AI에 의해 생성된 이미지
Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.
PoC released for Linux-PAM vulnerability enabling root escalation
A proof-of-concept exploit has been released for CVE-2025-8941, a high-severity flaw in Linux-PAM's pam_namespace module. The vulnerability allows local attackers with low privileges to gain root access through race conditions and symlink manipulation. Security experts urge immediate patching to prevent system compromise.
Cisco SNMP vulnerability exploited to deploy Linux rootkits
AI에 의해 보고됨
Cybersecurity firm Trend Micro has revealed Operation Zero Disco, a campaign exploiting a critical Cisco SNMP flaw to install rootkits on network devices. The attack targets older switches, enabling persistent access and evasion of detection. As of October 2025, it has compromised enterprise networks reliant on legacy infrastructure.
PoC exploit released for Linux-PAM vulnerability allowing root escalation
A high-severity vulnerability in the Linux Pluggable Authentication Modules framework, identified as CVE-2025-8941, enables local attackers to gain root privileges through symlink attacks and race conditions. Security researchers have released a proof-of-concept exploit, highlighting risks to Linux systems. The flaw affects multiple distributions and requires immediate patching.
CISA warns of exploited high-severity Windows SMB flaw
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a high-severity vulnerability in Windows SMB that is now being exploited in attacks. Windows users are urged to update their systems immediately to mitigate the risk. The alert emphasizes the need for prompt action against this security threat.
CISA confirms Linux kernel flaw exploited in ransomware attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that a high-severity privilege escalation vulnerability in the Linux kernel, known as CVE-2024-1086, is now being exploited by ransomware gangs. The flaw, a use-after-free issue in the netfilter: nf_tables component, was introduced in February 2014 and patched in January 2024. It affects major Linux distributions including Debian, Ubuntu, Fedora, and Red Hat.