Vulnerability

Operation Zero Disco exploits Cisco SNMP flaw for rootkits

Lisa Kern

Cyber threat actors in Operation Zero Disco have exploited a vulnerability in Cisco's SNMP service to install persistent Linux rootkits on network devices. The campaign targets older Cisco switches and uses crafted packets to achieve remote code execution. Trend Micro researchers disclosed the attacks on October 16, 2025, highlighting risks to unpatched systems.

Cisco SNMP vulnerability exploited to deploy Linux rootkits

Reported by AI

Cybersecurity firm Trend Micro has revealed Operation Zero Disco, a campaign exploiting a critical Cisco SNMP flaw to install rootkits on network devices. The attack targets older switches, enabling persistent access and evasion of detection. As of October 2025, it has compromised enterprise networks reliant on legacy infrastructure.

Cisco firewalls face widespread vulnerability risk

Security researchers have identified a critical vulnerability affecting around 50,000 Cisco firewalls worldwide. The flaw could allow attackers to execute arbitrary code remotely. Cisco has urged users to patch immediately to mitigate the threat.

PoC exploit released for Linux-PAM vulnerability allowing root escalation

Lisa Kern

A high-severity vulnerability in the Linux Pluggable Authentication Modules framework, identified as CVE-2025-8941, enables local attackers to gain root privileges through symlink attacks and race conditions. Security researchers have released a proof-of-concept exploit, highlighting risks to Linux systems. The flaw affects multiple distributions and requires immediate patching.

Red Hat Announces CVE-2025-9566 Alert

Red Hat issued an alert for CVE-2025-9566 affecting Red Hat Enterprise Linux 10. The vulnerability was highlighted in a security update, prompting users to apply necessary patches. This development underscores ongoing efforts to maintain system security in enterprise environments.

CISA confirms Linux kernel flaw exploited in ransomware attacks

Lisa Kern

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that a high-severity privilege escalation vulnerability in the Linux kernel, known as CVE-2024-1086, is now being exploited by ransomware gangs. The flaw, a use-after-free issue in the netfilter: nf_tables component, was introduced in February 2014 and patched in January 2024. It affects major Linux distributions including Debian, Ubuntu, Fedora, and Red Hat.
