// LIVE
OPS Lago (YC S21) Is Hiring
OPS Poland Faced a Surge in Cyberattacks in 2025, Including a Major Assault on the E
OPS 'Traces of unauthorized access': Mazda confirms data breach exposing employee an
OPS Surfshark launches HeyPolo, a privacy-first location sharing app to kill "always
OPS OpenClaw is fun. OpenClaw is dangerous. Here's where Tailscale helps.
OPS Show HN: Email.md – Markdown to responsive, email-safe HTML
OPS Do Security Teams Use tools like Cursor , WindSurf , co-pilot etc.. ?
OPS Automated knowledge graph of server setup by agentic LLM - good idea?
OPS Should I buy R230 for $200 and will it support my needs?
OPS What trends are you seeing around self-hosted software at KubeCon EU?
OPS Lightning-fast exploits make it essential to patch fast, ask questions later
OPS Tool updates: lots of security and logic fixes, (Mon, Mar 23rd)
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 23 of 54
CRITICAL (page) 0
HIGH (page) 5
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence general

[remote] Windows 10.0.17763.7009 - Spoofing Vulnerability

A remote spoofing vulnerability in Windows 10.0.17763.7009 could allow attackers to impersonate legitimate users and gain unauthorized access. Immediate action.

  • Potential for unauthorized access and data breaches
  • Risk of lateral movement within compromised networks

Windows Server · Windows Desktop
action items (2)
  • Update to the latest Windows version or patch KB5028971
  • Review and reinforce network access controls

Exploit-DB ·

HIGH 85% confidence outage

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Multiple campaigns targeting the Indian defense sector and government-aligned organizations with cross-platform remote access trojans designed to steal. Read fu

  • Stealthy nature of RATs makes them hard to detect
  • Sophistication in attack vectors allows targeting of both major OS types
  • Infection can go undetected for long periods, compromising security continuously

IT security teams · Network administrators · Government entities
action items (4)
  • Conduct thorough security audits of Windows and Linux environments
  • Review firewall rules to block suspicious traffic patterns
  • Increase scrutiny on data exfiltration attempts via network analysis
  • Educate employees about the risks of cross-platform malware

The Hacker News ·

HIGH 95% confidence cve

IceWarp Directory Traversal Vulnerability ZDI-26-130

ZDI-26-130 discloses a critical information disclosure vulnerability in IceWarp collaboration software allowing unauthorized access to sensitive data. Read full

  • Exploitation can lead to unauthorized access and disclosure of sensitive data
  • Potentially exposing configuration details or private user information

IceWarp users and administrators
action items (2)
  • Scan systems for this specific vulnerability using available tools
  • Update affected IceWarp installations with patches or hotfixes

Zero Day Initiative ·

HIGH 95% confidence general

ZDI-26-129: Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability

Learn about the critical ZDI-26-129 vulnerability affecting Socomec DIRIS A-40 power monitoring devices, enabling unauthorized access through an authentication.

  • Impact on network security due to unauthorized access
  • Risk of data theft or disruption

Network administrators · IT security professionals
action items (2)
  • Review security configurations and implement mitigations
  • Contact Socomec for updates or patches

Zero Day Initiative ·

HIGH 90% confidence cve

ZDI-26-128: Ubiquiti AI Pro Uncaught Exception DoS Vulnerability

Network-adjacent attackers can cause a denial-of-service condition on Ubiquiti Networks AI Pro without requiring authentication. CVSS rating: 6.5. Includes seve

  • Lack of proper exception handling in Ubiquiti Networks' AI Pro leads to uncaught exceptions that an attacker can exploit for DoS attacks
  • Unauthenticated network access is sufficient for exploitation

Network administrators · IT security teams
action items (2)
  • Update AI Pro installations with latest security patch available from Ubiquiti Networks
  • Monitor for unusual network activity indicative of attempted exploitation

Zero Day Initiative ·