// LIVE
INTEL: Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL: Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL: Storm Brews Over Critical, No-Click Telegram Flaw
INTEL: FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL: TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL: Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL: Security updates for Monday
INTEL: 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL: Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL: Disclosure of Replay Attack Vulnerability in Signed References
INTEL: Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL: Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE: ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE: ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 24 of 54
CRITICAL (page) 2
HIGH (page) 2
MEDIUM (page) 1
LOW (page) 0
HIGH 90% confidence cve

ZDI-26-127: Ubiquiti Networks AI Pro Cleartext Transmission Vulnerability

Network-adjacent attackers can disclose sensitive information on Ubiquiti Networks AI Pro without requiring authentication. CVSS rating of 5.3 assigned. Include

  • Sensitive data exposure risk
  • Unauthorized access possible without credentials

Network administrators, Security teams
action items (2)
  • Review security configurations
  • Update to the latest version

Zero Day Initiative ·

MEDIUM 95% confidence cve

(Pwn2Own) Ubiquiti Networks AI Pro Discovery Protocol Missing Encryption Protocol Downgrade Vulnerability

Network-adjacent attackers can downgrade the communication protocol on affected Ubiquiti Networks AI Pro installations without requiring authentication. Read fu

  • Allows unauthorized downgrading of security protocols
  • Exposes systems to unencrypted communication risks

Network administrators, Security operations teams
action items (2)
  • Verify system configuration for proper protocol usage
  • Monitor network traffic for unencrypted communications

Zero Day Initiative ·

CRITICAL 95% confidence cve

ZDI-26-125: Docker Desktop grpcfuse Kernel Module OOB Read Info Disclosure Vulnerability

A critical information disclosure vulnerability in Docker Desktop's grpcfuse kernel module allows local attackers to access sensitive data, requiring low. Read

  • Local access is required for exploitation but can be used by attackers with low privileges.
  • The flaw affects Docker Desktop's security by exposing sensitive data that could aid further attacks.

Linux, Windows
action items (2)
  • Verify all systems running Docker Desktop are updated.
  • Monitor systems closely for any unusual activity related to the affected module.

Zero Day Initiative ·

CRITICAL 98% confidence cve

ZDI-26-124: claude-hovercraft executeClaudeCode Command Injection RCE Vulnerability

Remote attackers can execute arbitrary code on affected claude-hovercraft installations without requiring authentication. CVSS rating of 9.8 assigned. Includes

  • Failure to update or patch systems leaves them vulnerable to RCE attacks
  • Command injection vulnerabilities allow attackers full control over targeted systems

claude-hovercraft users and operators, Enterprise IT environments using affected software versions
action items (2)
  • Review system configurations for any instances of claude-hovercraft
  • Update affected systems with the latest patches from official channels

Zero Day Initiative ·

HIGH 95% confidence cve

ZDI-26-132: Siemens SINEC NMS Privilege Escalation Vulnerability

Local attackers can escalate privileges on affected Siemens SINEC NMS installations via uncontrolled search path element. Requires initial low-privilege code.

  • Enables unauthorized access and potential system compromise

IT Operations, Security Teams
action items (2)
  • Apply available security patches immediately
  • Review system access controls and logging

Zero Day Initiative ·