17.10.2025., 17:21
|
#749
|
White Rabbit
Join date: May 2006
Location: -
Posts: 4,973
|
Quote:
Trend Micro researchers disclosed details of a new campaign, tracked as Operation Zero Disco, that exploited a recently disclosed security flaw impacting Cisco IOS Software and IOS XE Software to deploy Linux rootkits on older, unprotected systems.
The vulnerability, tracked as CVE-2025-20352 (CVSS score: 7.7), impacts Cisco IOS and IOS XE Software. The high-severity vulnerability resides in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and IOS XE Software.
The flaw allows remote authenticated attackers to trigger a DoS condition with low privileges or achieve root code execution with high privileges. An attacker could exploit the flaw by sending a crafted SNMP packet to a vulnerable device over IPv4 or IPv6 networks. The root cause of this vulnerability is a stack overflow condition in the SNMP subsystem of the affected software. The vulnerability impacts all devices with SNMP enabled.
|
> securityaffairs
Quote:
A newly uncovered Linux rootkit, dubbed LinkPro, leverages extended Berkeley Packet Filter (eBPF) technology to conceal its presence and maintain persistence on compromised systems.
The Synacktiv CSIRT discovered the malware during an investigation of a breached AWS infrastructure. LinkPro operated as a stealthy backdoor across Elastic Kubernetes Service (EKS) clusters following the exploitation of a public-facing Jenkins server (CVE-2024-238976).
|
> cyberpress