// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 31 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 3
HIGH (page) 2
MEDIUM (page) 0
LOW (page) 0
CRITICAL 95% confidence cve

Grandstream GXP1600 VoIP Phones Exposed to RCE Vulnerability

Critical security flaw CVE-2026-2329 in Grandstream GXP1600 series of VoIP phones allows unauthenticated remote code execution. CVSS score: 9.3. Includes severi

['Allows attackers to gain full control of affected devices remotely', 'Potentially leads to data theft and disruption of communication services']

Enterprise environments using Grandstream GXP1600 series VoIP phones
action items (3)
  • Update all Grandstream GXP1600 VoIP phones with latest firmware
  • Monitor network for signs of compromised devices
  • Contact Grandstream support for further guidance on securing devices

The Hacker News · 2026-02-22T10:31

HIGH 95% confidence outage

UK Council Data Breach Exposes Transgender Complaint Details

['A UK council mishandles transgender complaint data, breaching confidentiality and exposing personal details.', 'Personal information of complainants was.

['Mishandling of sensitive data during public discourse led to unauthorized disclosure.', 'Lack of proper security measures for handling confidential complaints in a public setting caused this incident.']

Local GovernmentData Protection Compliance
action items (2)
  • Review and update policies regarding the confidentiality of personal information in public settings.
  • Enhance technical safeguards to prevent unauthorized disclosures during public engagements.

The Register · 2026-02-22T10:01

HIGH 85% confidence cve

ZDI-26-122: PDF-XChange Editor Vulnerability

Local attackers can exploit this vulnerability to escalate privileges on PDF-XChange Editor installations. Requires low-privileged code execution. Includes seve

['Lack of proper validation for search path elements allows privilege escalation', 'Exploitation requires specific conditions but poses serious security risks once achieved']

WindowsMac OS X
action items (3)
  • Apply available updates immediately
  • Review system configurations and user privileges
  • Monitor logs for suspicious activity related to privilege escalation attempts

Zero Day Initiative · 2026-02-22T09:31

CRITICAL 95% confidence cve

ZDI-26-121: GIMP XWD File Parsing Vulnerability

A critical remote code execution flaw in GIMP's XWD file parsing could allow attackers to execute arbitrary code on affected systems. Requires user interaction.

["Vulnerability in GIMP's file parsing module", 'Risk of arbitrary code execution']

LinuxmacOSWindows
action items (2)
  • Review and update affected systems
  • Educate users on risks associated with file types like XWD

Zero Day Initiative · 2026-02-22T09:01

CRITICAL 95% confidence cve

ZDI-26-120: GIMP ICNS File Parsing Vulnerability

Remote attackers can execute arbitrary code on affected installations of GIMP through a heap-based buffer overflow in the ICNS file parsing module. Read full op

['Allows remote attackers to execute arbitrary code', 'Requires user interaction (visiting a malicious page or opening a file)']

LinuxmacOSWindows
action items (2)
  • Upgrade or patch immediately
  • Monitor network traffic for suspicious ICNS file transfers

Zero Day Initiative · 2026-02-22T08:31

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:45 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--