Bleeping Computer

Hackers exploit Cisco SNMP flaw to deploy rootkit on switches

Threat actors exploited a recently patched remote code execution vulnerability (CVE-2025-20352) in Cisco networking devices to deploy a rootkit and target unprotected Linux systems. The security issue ...
CSOonline

‘Zero Disco’ campaign hits legacy Cisco switches with fileless rootkit payloads

In newly disclosed real-world attacks, threat actors are found exploiting a Cisco Simple Network Management Protocol (SNMP) vulnerability to gain remote code execution (RCE) and install Linux rootkits ...