// LIVE
INTEL Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL Storm Brews Over Critical, No-Click Telegram Flaw
INTEL FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL Security updates for Monday
INTEL 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL Disclosure of Replay Attack Vulnerability in Signed References
INTEL Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 21 of 54
CRITICAL (page) 2
HIGH (page) 3
MEDIUM (page) 0
LOW (page) 0
CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe libesffls Directory Traversal RCE Vulnerability

Network-adjacent attackers can execute arbitrary code on Lexmark CX532adwe printers without authentication through a directory traversal vulnerability.

  • Impact on corporate and home networks
  • Potential for data exfiltration and system compromise
  • Risk of service disruption and loss

IT administrators · Network Security Teams · Printer Management Personnel
action items (3)
  • Review Lexmark CX532adwe usage in your environment
  • Apply available security updates immediately
  • Implement network segmentation around critical assets

Zero Day Initiative ·

HIGH 90% confidence cve

ZDI-26-062: Lexmark CX532adwe esfhelper Vulnerability

  • Local attackers can escalate privileges on Lexmark CX532adwe printers. CVE-2025-65078, CVSS rating of 7.8.
  • ZDI alert for Lexmark CX532adwe with untrusted.

  • Attackers need to execute low-privileged code initially, but this flaw allows for privilege escalation.

Lexmark CX532adwe users · IT administrators managing networked printers
action items (3)
  • Audit existing Lexmark CX532adwe printer deployments
  • Apply vendor-provided patches immediately
  • Review and enforce least privilege access controls

Zero Day Initiative ·

HIGH 90% confidence cve

ZDI-26-070: Adobe ColdFusion CAR File Parsing RCE Vulnerability

Adobe ColdFusion suffers from a CAR file parsing directory traversal remote code execution vulnerability. Requires authentication but can lead to full system.

  • CAR file parsing is vulnerable to directory traversal attacks
  • Authenticated access allows for potential privilege escalation and data exfiltration

Adobe ColdFusion users · Web application administrators
action items (2)
  • Update ColdFusion to the latest version with fixes
  • Review and restrict permissions for users with access to CAR files

Zero Day Initiative ·

HIGH 85% confidence cve

(0Day) Xmind Attachment Insufficient UI Warning Remote Code Execution Vulnerability

This entry discusses a critical remote code execution vulnerability in Xmind that requires user interaction to be exploited. Includes severity, confidence, and

  • Understanding the specific conditions required for exploitation can help prioritize mitigation efforts
  • Remediation actions are crucial to prevent remote attacks

IT security professionals · Xmind users and administrators
action items (2)
  • Identify all instances running affected versions of Xmind
  • Deploy monitoring for suspicious activity

Zero Day Initiative ·

CRITICAL 95% confidence outage

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Cisco SD-WAN Controller and Manager are affected by a zero-day flaw tracked as CVE-2026-20127, allowing unauthenticated attackers to bypass authentication.

  • Failure to patch affected systems can lead to unauthorized access, data theft, and potential disruption of network services.
  • Immediate action is required to mitigate the risk of exploitation and protect sensitive in

Cisco SD-WAN · Network Security
action items (2)
  • Review system configurations and apply necessary security updates immediately.
  • Monitor networks for signs of exploitation and report any suspicious activity.

The Hacker News ·