// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 33 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 2
HIGH (page) 3
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-114 eDrawings Viewer Vulnerability

Remote code execution flaw in Dassault Systèmes' eDrawings Viewer affects EPRT file parsing. CVSS rating of 7.8. Includes severity, confidence, and actionable r

['Requires user interaction for exploitation, but poses risk to users opening suspicious attachments or visiting compromised sites', 'CVSS rating indicates high severity impact and ease of exploit']

WindowsmacOSLinux
action items (2)
  • Update Dassault Systèmes eDrawings Viewer software to the latest version
  • Deploy intrusion detection systems to monitor for unusual file parsing activities

Zero Day Initiative · 2026-02-22T05:31

HIGH 95% confidence cve

ZDI-26-113: eDrawings Viewer EPRT File Parsing Vulnerability

Remote code execution vulnerability in Dassault Systèmes eDrawings Viewer allows attackers to execute arbitrary code via malicious EPRT files, requiring user.

['Requires user interaction, such as opening a malicious file', 'Can be exploited remotely by sending specially crafted EPRT files', 'Has been assigned CVSS rating of 7.8 indicating high severity']

WindowsmacOSLinux
action items (3)
  • Patch affected systems immediately
  • Review network traffic for signs of exploitation
  • Inform users about the potential risks and safe handling practices

Zero Day Initiative · 2026-02-22T05:01

CRITICAL 90% confidence cve

Dassault Systèmes eDrawings Viewer EPRT File Parsing Vulnerability

A critical RCE flaw in Dassault Systèmes eDrawings Viewer allows remote code execution via EPRT files. CVE-2026-1333. Includes severity, confidence, and actiona

['Remote code execution possible with user interaction', 'Malicious EPRT files can exploit the flaw']

WindowsmacOSLinux
action items (2)
  • Apply security updates provided by Dassault Systèmes
  • Restrict use of EPRT files in environments

Zero Day Initiative · 2026-02-22T04:01

CRITICAL 95% confidence cve

ZDI-26-111: MLflow Default Password Bypass Vulnerability

Remote attackers can bypass MLflow authentication using default password, no auth required. CVSS rating of 9.8. Includes severity, confidence, and actionable re

['Default passwords often remain unchanged, exposing systems to threats', 'Exploitation requires minimal effort due to no auth requirement']

DevOps teamsSystem administrators
action items (2)
  • Review system configurations for default password usage
  • Patch affected systems as soon as possible

Zero Day Initiative · 2026-02-22T03:31

HIGH 95% confidence cve

ZDI-26-110: Bosch Rexroth IndraWorks Print Settings RCE Vulnerability

['Bosch Rexroth IndraWorks suffers from a deserialization of untrusted data vulnerability leading to remote code execution.', 'CVEs assigned for the. Read full

['Operators need to be aware that a specific file parsing flaw within the Bosch Rexroth IndraWorks software could allow unauthorized access and command execution on affected systems.', 'This highlights the importance of

Bosch Rexroth IndraWorksIndustrial Control Systems
action items (3)
  • Update IndraWorks software immediately with provided patches from Bosch Rexroth.
  • Implement strict access controls and logging on systems utilizing IndraWorks print settings files.
  • Educate employees about the risks of handling untrusted data in production environments.

Zero Day Initiative · 2026-02-22T03:01

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:59 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--