// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 15 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 2
HIGH (page) 3
MEDIUM (page) 0
LOW (page) 0
HIGH 90% confidence outage

First Malicious Outlook Add-In Steals Credentials

['First malicious Microsoft Outlook add-in detected, stealing over 4,000 credentials through a supply chain attack.', 'Unknown attacker compromised domain to.

['This highlights risks associated with third-party software and extensions within enterprise environments.', 'Operators need to implement additional security measures to protect against such threats.']

Microsoft OutlookOutlook Add-In UsersEnterprise Environments
action items (2)
  • Review security policies regarding third-party add-ins and extensions
  • Educate employees on recognizing phishing attempts through login pages

The Hacker News · 2026-02-25T14:31

HIGH 95% confidence cve

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple released updates to address a zero-day flaw (CVE-2026-20700) affecting multiple platforms. The vulnerability has been exploited in sophisticated attacks.

['Zero-day vulnerability exploited in sophisticated attacks', 'Memory corruption issue affects multiple platforms']

iOSiPadOSmacOStvOSwatchOSvisionOS
action items (2)
  • Apply updates for all affected systems immediately
  • Monitor for signs of exploitation attempts

The Hacker News · 2026-02-25T14:31

CRITICAL 97% confidence cve

ZDI-26-094 Schneider Electric EcoStruxure Power Build Vulnerability

Remote code execution vulnerability in Schneider Electric EcoStruxure Power Build due to use-after-free condition. Requires user interaction to exploit. Include

['Remote attackers could exploit this flaw to execute arbitrary code on the affected systems.', 'Exploitation requires user interaction such as visiting a malicious webpage or opening a file.']

Industrial Control SystemsEnergy Management
action items (2)
  • Update EcoStruxure Power Build to address CVE-2025-13845
  • Monitor for signs of exploitation in affected environments

Zero Day Initiative · 2026-02-25T14:31

HIGH 95% confidence cve

ZDI-26-093 Schneider Electric EcoStruxure Power Build Vulnerability

Schneider Electric EcoStruxure Power Build suffers from a use-after-free flaw allowing remote code execution. Requires user interaction to exploit. Includes sev

['Potential exploitation can lead to unauthorized access and control of systems.', 'User action is necessary for the vulnerability to be exploited, reducing immediate risk but not eliminating it entirely.']

Industrial Control SystemsPower Management
action items (2)
  • Apply available patches or updates immediately.
  • Review system configurations and update security policies accordingly.

Zero Day Initiative · 2026-02-25T14:31

CRITICAL 98% confidence cve

ZDI-26-092 Schneider Electric EcoStruxure Power Build Vulnerability

Schneider Electric's EcoStruxure Power Build is vulnerable to a remote code execution attack through memory corruption in SSD file parsing. CVSS rating: 7.8.

['Remote attackers can exploit this issue to run arbitrary code on affected systems', 'User interaction is required for exploitation, such as opening a malicious file or visiting an untrusted website']

Industrial Control SystemsCritical Infrastructure
action items (2)
  • Update to the latest version of EcoStruxure Power Build
  • Monitor systems for suspicious activity related to SSD file parsing

Zero Day Initiative · 2026-02-25T14:31

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 14:43 | LAST SCAN: 13H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--