// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 26 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 0
HIGH (page) 4
MEDIUM (page) 1
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-102 Oracle VirtualBox VMSVGA OOB Write LPE Vulnerability

A local privilege escalation vulnerability in Oracle VirtualBox allows attackers to escalate privileges on affected systems after gaining high-privileged code.

['Local attacker can exploit this vulnerability after gaining high-privileged code execution rights to escalate privileges']

AdministratorsSecurity TeamsVirtualization Users
action items (2)
  • Update to the latest version of Oracle VirtualBox
  • Review and restrict user permissions for critical operations

Zero Day Initiative · 2026-02-23T09:31

MEDIUM 95% confidence cve

ZDI-26-101 Oracle VirtualBox BusLogic Vulnerability

A critical information disclosure flaw in Oracle VirtualBox's BusLogic component can be exploited by attackers to gain sensitive data. Includes severity, confid

['Local attackers can exploit the flaw after gaining high-privilege code execution to disclose sensitive information', 'CVSS severity rated at 6.0 indicating medium risk']

Oracle VirtualBox usersEnterprise environments with virtualization
action items (2)
  • Update to the latest version of Oracle VirtualBox
  • Review system configurations to prevent unauthorized access

Zero Day Initiative · 2026-02-23T09:01

HIGH 95% confidence cve

ZDI-26-100: Oracle VirtualBox LsiLogic Info Disclosure Vulnerability

Learn about the ZDI-26-100 info disclosure vuln in Oracle VirtualBox. Local attackers can exploit this to access sensitive data on affected systems. Includes se

['This issue allows local attackers with high-privilege access on the guest system to read sensitive data from memory']

System AdministratorsSecurity Teams
action items (2)
  • Apply the latest security updates for VirtualBox
  • Review and restrict high-privilege access

Zero Day Initiative · 2026-02-23T08:31

HIGH 90% confidence cve

ZDI-26-099 Oracle VirtualBox VMSVGA Race Condition Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a race condition in the VMSVGA driver, rated CVSS 7.5. Includes seve

['Allows for unauthorized privilege elevation', 'Increases risk of lateral movement and data exfiltration']

System administratorsSecurity professionals
action items (2)
  • Patch affected systems immediately
  • Review and restrict privileges granted to VM users

Zero Day Initiative · 2026-02-23T08:01

HIGH 95% confidence cve

ZDI-26-098: Oracle VirtualBox VMSVGA Use-After-Free Local Privilege Escalation Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a use-after-free vulnerability. CVE-2026-21955, CVSS rating 8.2.

['Enables unauthorized access and privilege elevation', 'Affects system integrity and confidentiality']

Oracle VirtualBox usersIT administrators
action items (2)
  • Apply available security patches immediately
  • Monitor for suspicious activities in affected environments

Zero Day Initiative · 2026-02-23T07:31

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:38 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--