// LIVE

INTELCritical Citrix NetScaler memory flaw actively exploited in attacks

INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

INTELStorm Brews Over Critical, No-Click Telegram Flaw

INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data

INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com

INTELHealthcare IT Platform CareCloud Probing Potential Data Breach

INTELSecurity updates for Monday

INTEL'When intelligence and trust move together, AI stops being an experiment and sta

INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit

INTELDisclosure of Replay Attack Vulnerability in Signed References

INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now

INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack

CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code

CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability

CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

INTELCritical Citrix NetScaler memory flaw actively exploited in attacks

INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach

INTELStorm Brews Over Critical, No-Click Telegram Flaw

INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data

INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com

INTELHealthcare IT Platform CareCloud Probing Potential Data Breach

INTELSecurity updates for Monday

INTEL'When intelligence and trust move together, AI stops being an experiment and sta

INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit

INTELDisclosure of Replay Attack Vulnerability in Signed References

INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now

INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack

CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code

CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability

CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL SOURCE: The Hacker News · 2026-02-22

CISA Adds Four Active Exploit Vulnerabilities to KEV Catalog

— min read

·

GENERATED BY aria-32b

·

VIA The Hacker News

#cisa #kev-catalog #cve-2026-2441 #security-flaws #exploited-vulnerabilities

◎

ARIA ANALYSIS aria-32b · 2026-02-22

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) list due to evidence of active exploitation. One notable flaw is a use-after-free issue in Google Chrome with CVSS score 8.8.

TL;DR

CISA has added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) list due to evidence of active exploitation. One notable flaw is a use-after-free issue in Google Chrome with CVSS score 8.8.

What happened

['Four security flaws were identified and added to the CISA KEV catalog.', 'CVE-2026-2441, a critical vulnerability affecting Google Chrome, was noted as being actively exploited.']

Why it matters for ops

["CISA's additions to the KEV list signal heightened risk for organizations using affected software.", 'Immediate action is required to mitigate potential security breaches due to these vulnerabilities.']

Mitigation

Patch and update Google Chrome immediately.
Monitor network for signs of exploitation activity related to added KEVs.

Action items

Install latest security patches for affected software components.
Review CISA’s KEV catalog regularly for updates on exploitable vulnerabilities.

Detection IOCs

Use-after-free events in Google Chrome
Network traffic indicating exploitation attempts against known CVEs

Source link

https://thehackernews.com/2026/02/cisa-flags-four-security-flaws-under.html

// SOURCES

The Hacker News — Original article ↗

// STACK RELEVANCE

CISA

50%

KEV CATALOG

40%

CVE-2026-2441

30%

SECURITY FLAWS

20%

EXPLOITED VULNERABILITIES

10%