// LIVE
INTEL Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL Storm Brews Over Critical, No-Click Telegram Flaw
INTEL FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL Security updates for Monday
INTEL 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL Disclosure of Replay Attack Vulnerability in Signed References
INTEL Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 26 of 54
CRITICAL (page) 1
HIGH (page) 4
MEDIUM (page) 0
LOW (page) 0
HIGH 85% confidence outage

Google Disrupts UNC2814 GRIDTIDE Campaign After 53 Breaches

Google reveals disruption of Chinese-linked cyber espionage group UNC2814, impacting 53 orgs in 42 countries. Operators must stay vigilant against ongoing.

  • Ongoing threat from state-sponsored cyber espionage groups
  • Need for robust security measures to protect critical infrastructure

Network Administrators · Security Teams · Telecommunications Providers
action items (3)
  • Review security logs for suspicious activities
  • Update intrusion detection systems
  • Train personnel on recognizing phishing attempts

The Hacker News ·

HIGH 90% confidence outage

Google Disrupts Beijing Spies Targeting Telcos and Governments

Google, along with industry partners, disrupted the UNC2814 espionage group. The gang used Google Sheets to target telcos and government organizations across.

  • Criminals leverage trusted platforms for social engineering attacks
  • Campaign targeted critical infrastructure and government entities across multiple regions

Telecommunications companies · Government agencies · Cloud services users
action items (2)
  • Review security policies regarding third-party cloud service integration
  • Enhance incident response protocols for detecting anomalous behavior in SaaS platforms

The Register ·

HIGH 90% confidence outage

First Malicious Outlook Add-In Steals Credentials

First malicious Microsoft Outlook add-in detected, stealing over 4,000 credentials through a supply chain attack. Unknown attacker compromised domain to.

  • This highlights risks associated with third-party software and extensions within enterprise environments.
  • Operators need to implement additional security measures to protect against such threats.

Microsoft Outlook · Outlook Add-In Users · Enterprise Environments
action items (2)
  • Review security policies regarding third-party add-ins and extensions
  • Educate employees on recognizing phishing attempts through login pages

The Hacker News ·

HIGH 95% confidence cve

Apple Fixes Exploited Zero-Day Affecting iOS, macOS, and Other Devices

Apple released updates to address a zero-day flaw (CVE-2026-20700) affecting multiple platforms. The vulnerability has been exploited in sophisticated attacks.

  • Zero-day vulnerability exploited in sophisticated attacks
  • Memory corruption issue affects multiple platforms

iOS · iPadOS · macOS · tvOS · watchOS · visionOS
action items (2)
  • Apply updates for all affected systems immediately
  • Monitor for signs of exploitation attempts

The Hacker News ·

CRITICAL 97% confidence cve

ZDI-26-094 Schneider Electric EcoStruxure Power Build Vulnerability

Remote code execution vulnerability in Schneider Electric EcoStruxure Power Build due to use-after-free condition. Requires user interaction to exploit. Include

  • Remote attackers could exploit this flaw to execute arbitrary code on the affected systems.
  • Exploitation requires user interaction such as visiting a malicious webpage or opening a file.

Industrial Control Systems · Energy Management
action items (2)
  • Update EcoStruxure Power Build to address CVE-2025-13845
  • Monitor for signs of exploitation in affected environments

Zero Day Initiative ·