// LIVE
INTEL: Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL: Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL: Storm Brews Over Critical, No-Click Telegram Flaw
INTEL: FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL: TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL: Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL: Security updates for Monday
INTEL: 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL: Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL: Disclosure of Replay Attack Vulnerability in Signed References
INTEL: Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL: Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE: ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE: ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 30 of 54
CRITICAL (page) 1
HIGH (page) 2
MEDIUM (page) 2
LOW (page) 0
MEDIUM 75% confidence cve

ZDI-26-083: Microsoft Windows searchConnector-ms NTLM Response Information Disclosure

Remote attackers can disclose NTLM responses on affected Windows systems. Requires user interaction to exploit; no patch available yet. Includes severity, confi

  • Remote attackers can exploit the flaw to disclose sensitive NTLM information

Microsoft Windows users
action items (2)
  • Monitor networks for unusual activity
  • Update configurations as patches become available

Zero Day Initiative

MEDIUM 95% confidence cve

ZDI-26-082: Microsoft Exchange InterceptorSmtpAgent Security Bypass

An unauthenticated security bypass flaw in Microsoft Exchange's InterceptorSmtpAgent allows remote attackers to circumvent a critical security feature. Read ful

  • Attackers can leverage this vulnerability to perform actions on the system that should be restricted by security mechanisms
  • Exploitation does not require authentication, increasing attack surface

Microsoft Exchange Server users, Network Administrators
action items (2)
  • Review system configurations related to InterceptorSmtpAgent
  • Update Exchange server installations to mitigate this vulnerability

Zero Day Initiative

HIGH 95% confidence cve

ZDI-26-081: Win32kfull Use-After-Free Local Privilege Escalation

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. It is tracked as CVE-2026-21235 and has a CVSS rating of 8.8.

  • The vulnerability arises from improper memory handling practices.
  • Successful exploitation leads to a significant security risk as attackers gain elevated privileges.

Microsoft Windows
action items (2)
  • Apply patches for CVE-2026-21235 immediately.
  • Review logs for signs of exploitation activity.

Zero Day Initiative

CRITICAL 95% confidence cve

ZDI-26-080: Ivanti Endpoint Manager AuthHelper Authentication Bypass Vulnerability

Remote attackers can bypass authentication in affected Ivanti Endpoint Manager installations without needing credentials. CVE-2026-1603. Includes severity, conf

  • Allows unauthorized access to systems
  • Increases likelihood of data breaches
  • Can lead to full system compromise

Ivanti Endpoint Manager users, Enterprise network administrators
action items (3)
  • Update to latest version of Ivanti Endpoint Manager
  • Review system permissions and access controls
  • Enable logging and alerts for suspicious activities

Zero Day Initiative

HIGH 95% confidence cve

ZDI-26-079: Ivanti Endpoint Manager ROI SQL Injection RCE Vulnerability

Ivanti Endpoint Manager suffers from a SQL injection leading to remote code execution. Requires authentication; CVSS score 7.2. Includes severity, confidence, a

  • Allows untrusted users with credentials to execute arbitrary commands on server
  • Exposes sensitive data and control of endpoint management

Ivanti Endpoint Manager ROI users
action items (2)
  • Update to latest version of software
  • Review and restrict user permissions

Zero Day Initiative