Hackers exploit Cisco SNMP flaw to deploy Linux rootkits in attacks.
Cybersecurity researchers have disclosed a new campaign, dubbed Operation Zero Disco, that exploited a critical vulnerability (CVE-2025-20352) in Cisco IOS Software to deploy Linux rootkits on older systems. The stack overflow flaw allowed remote code execution via crafted SNMP packets and was used against legacy devices such as the Cisco 9400 and 9300 series. The attackers also used modified Telnet vulnerabilities to gain unauthorized access and spoofed identities to evade detection. Cisco has patched the flaw, but its zero-day exploitation highlights the ongoing risk to unprotected systems, particularly those lacking endpoint detection. The incident underscores the importance of timely updates and robust security controls in safeguarding critical infrastructure against evolving threats.
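Because the vector reported above is SNMP reachable on the device, a defender's first move after scheduling the patch is to shrink who can talk SNMP to IOS at all. The configuration below is an added example and not from the article or from Cisco's advisory; the management host 192.0.2.10, the ACL and group names, and the credentials are placeholders.

```cisco
! Weak: a well-known read-only community string answerable from any host
snmp-server community public RO

! Hardened: drop the default string, allow SNMP only from the management
! station (placeholder 192.0.2.10), and use SNMPv3 authPriv for that station.
no snmp-server community public
ip access-list standard SNMP-MGMT
 permit host 192.0.2.10
 deny any log
snmp-server group MGMT-NMS v3 priv access SNMP-MGMT
snmp-server user nmsuser MGMT-NMS v3 auth sha <auth-pass> priv aes 128 <priv-pass>
```

The `deny any log` entry turns SNMP requests from unexpected sources into syslog events you can alert on; the restriction narrows exposure but does not replace the fixed software release.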