Attackers leveraged a Cisco SNMP vulnerability (CVE-2025-20352) to install Linux rootkits on outdated and unsecured systems. This allowed them to achieve remote code execution (RCE) and maintain persistent, unauthorized access by setting universal passwords and embedding hooks into the IOSd memory space....