// LIVE
INTELCritical Citrix NetScaler memory flaw actively exploited in attacks
INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTELStorm Brews Over Critical, No-Click Telegram Flaw
INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTELHealthcare IT Platform CareCloud Probing Potential Data Breach
INTELSecurity updates for Monday
INTEL'When intelligence and trust move together, AI stops being an experiment and sta
INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTELDisclosure of Replay Attack Vulnerability in Signed References
INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
INTELCritical Citrix NetScaler memory flaw actively exploited in attacks
INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTELStorm Brews Over Critical, No-Click Telegram Flaw
INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTELHealthcare IT Platform CareCloud Probing Potential Data Breach
INTELSecurity updates for Monday
INTEL'When intelligence and trust move together, AI stops being an experiment and sta
INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTELDisclosure of Replay Attack Vulnerability in Signed References
INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
nsysops@ops-intel:~$ ls -lt --range live

OPS INTEL

266 items · ARIA-monitored · page 18 of 54
266
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 0
HIGH (page) 5
MEDIUM (page) 0
LOW (page) 0
HIGH 92% confidence cve

ZDI-26-053: Progress Kemp LoadMaster listapikeys RCE Vulnerability

Remote Code Execution via listapikeys command injection in Progress Software Kemp LoadMaster with required auth. CVSS Rating 6.4. Includes severity, confidence,

['Critical flaw enables network-adjacent attackers to gain control over systems requiring only auth credentials']

network securityload balancers
action items (2)
  • Update to latest software version
  • Enhance authentication mechanisms

Zero Day Initiative ·

HIGH 85% confidence general

ZDI-26-052: Kemp LoadMaster getcipherset Command Injection Vulnerability

Network-adjacent attackers can execute arbitrary code on Progress Software Kemp LoadMaster with required auth. CVSS rating: 7.1. Includes severity, confidence,

['Insecure handling of user input leading to remote code execution']

Network administratorsSecurity teamsDevOps engineers
action items (2)
  • Update to the latest version of Kemp LoadMaster
  • Review and restrict permissions on getcipherset command usage

Zero Day Initiative ·

HIGH 95% confidence cve

ZDI-26-051: Kemp LoadMaster delcert Command Injection Vulnerability

Progress Software Kemp LoadMaster delcert command injection allows remote code execution with required auth. CVSS rating of 7.1, applies to network-adjacent.

['Exploit allows for unauthorized access and potential system compromise']

Network security operations, systems administrators
action items (1)
  • Apply available patches or updates for Kemp LoadMaster

Zero Day Initiative ·

HIGH 95% confidence cve

ZDI-26-059: CyberArk EPM Local Privilege Escalation Vulnerability

['CyberArk Endpoint Privilege Management suffers from a local privilege escalation issue. This flaw allows unprivileged users to escalate privileges on. Read fu

['The vulnerability stems from improper privilege management within EPM that permits a local user to execute commands or processes outside of their granted access level.', '96']

WindowsLinux
action items (2)
  • Update EPM immediately using vendor patches or mitigations.
  • Review system configurations and ensure compliance with least privilege principles.

Zero Day Initiative ·

HIGH 85% confidence cve

ZDI-26-058: AzeoTech DAQFactory Pro CTL File Parsing Vulnerability

Remote code execution vulnerability in AzeoTech DAQFactory Pro via CTL file parsing. CVSS rating of 7.8, CVE-2025-66589. Includes severity, confidence, and acti

['Exploitation requires user interaction', 'Attackers may execute arbitrary code remotely', 'CVSS rating of 7.8 indicates high severity']

WindowsLinuxUnix-like systems
action items (2)
  • Review system configurations for AzeoTech DAQFactory Pro
  • Implement patches or updates provided by vendor

Zero Day Initiative ·

ONLINE | ARIA: aria-32b | COMMIT: 32fceff | UPTIME: 45d 13:24 | LAST SCAN: 116H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--