// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 27 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 1
HIGH (page) 4
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-097 Oracle VirtualBox VMSVGA Vulnerability

Local attackers can escalate privileges on affected Oracle VirtualBox installations through a heap-based buffer overflow. CVE-2026-21983 assigned. Includes seve

['Allows unauthorized access and control over guest systems', 'Increases risk of data breaches, system compromise']

Oracle VirtualBox usersSystem administrators managing virtualized environments
action items (2)
  • Patch systems immediately with the latest Oracle VirtualBox update
  • Review system logs for suspicious activity

Zero Day Initiative · 2026-02-23T07:01

HIGH 95% confidence cve

ZDI-26-096 Dassault eDrawings Viewer Vulnerability

['Remote code execution vulnerability in Dassault Systèmes eDrawings Viewer allows attackers to execute arbitrary code via malicious EPRT files. Requires user.

['Operators must address this vulnerability because it enables attackers to remotely execute arbitrary code, potentially leading to system compromise and data exfiltration. User interaction requirement lowers but does no

Dassault Systèmes eDrawings Viewer
action items (2)
  • Immediately update eDrawings Viewer to the latest version when a patch is released.
  • Implement network monitoring and intrusion detection systems (IDS) to detect and block malicious EPRT files.

Zero Day Initiative · 2026-02-23T06:31

HIGH 95% confidence cve

ZDI-26-095 Dassault eDrawings Viewer Vulnerability

Remote attackers can execute code on Dassault Systèmes eDrawings Viewer installations due to EPRT file parsing issue. CVSS rating: 7.8, CVE-2026-1284. Includes

['User interaction required for exploit', 'High CVSS score indicating significant risk']

WindowsMacOS
action items (2)
  • Install available software updates
  • Monitor for unusual activity

Zero Day Initiative · 2026-02-23T06:01

CRITICAL 95% confidence outage

In-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability

Threat actors have begun exploiting a critical security flaw in BeyondTrust Remote Support and Privileged Remote Access products, highlighting the need for.

['Critical security flaw poses significant risk to system integrity', 'Immediate action required to prevent data breaches and service disruptions']

BeyondTrust RS usersBeyondTrust PRA users
action items (2)
  • Update systems with latest security patches
  • Enhance monitoring for suspicious activity

The Hacker News · 2026-02-23T05:31

HIGH 90% confidence outage

npm's Supply Chain Security Update and Considerations

['npm implements major security updates post Sha1-Hulud incident but warns users about remaining supply-chain vulnerabilities.', "Read how npm's changes don't.

['To mitigate risks associated with supply chain attacks following the Sha1-Hulud event']

Node.js developersIT Security Teams
action items (2)
  • Review updated npm authentication methods
  • Enhance monitoring for suspicious activity in package registries

The Hacker News · 2026-02-23T05:01

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:45 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--