// LIVE
INTEL: Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL: Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL: Storm Brews Over Critical, No-Click Telegram Flaw
INTEL: FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL: TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL: Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL: Security updates for Monday
INTEL: 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL: Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL: Disclosure of Replay Attack Vulnerability in Signed References
INTEL: Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL: Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE: ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE: ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
OPS INTEL

266 items · ARIA-monitored · page 34 of 54
CRITICAL (page) 1
HIGH (page) 2
MEDIUM (page) 2
LOW (page) 0
HIGH 90% confidence outage

APT28 Uses Webhook-Based Macro Malware in Europe

APT28 targets European entities with webhook-based macro malware, active from Sep 2025 to Jan 2026. Read about the tactics and tools used by this Russia-linked.

  • Threat actors exploit legitimate services for cover
  • Basic tooling used to evade detection

European entities · Western and Central Europe
action items (3)
  • Review security logs for suspicious webhook actions
  • Conduct a thorough assessment of macro usage in the environment
  • Apply necessary patches to mitigate known vulnerabilities

The Hacker News

MEDIUM 85% confidence general

Claude Code Security Checker Causes Infosec Panic

Anthropic's release of Claude Code Security has caused a stir in infosec circles, prompting concerns about new AI-driven security tools. Infosec community.

  • Operators must assess how AI-driven tools like Claude fit into their existing security frameworks.
  • There's an ongoing discussion on whether relying too heavily on AI could compromise human oversight in critical secu

Developers · Security teams · IT administrators
action items (2)
  • Conduct thorough testing of Claude Code Security or similar tools in a controlled environment
  • Review current security policies to adapt to potential changes brought by AI-driven solutions

The Register

MEDIUM 85% confidence advisory

Ladybird Web Browser Shifts from Swift to Rust

Independent Ladybird web browser project transitions away from Swift towards Rust programming language, leveraging AI for code translation and evaluation.

  • To enhance security and performance with Rust's memory safety features while reducing maintenance overhead with automated coding assistance.

Web Browser Developers · AI in Software Development
action items (2)
  • Evaluate Rust's benefits for existing projects.
  • Assess the feasibility of using AI for automated coding tasks.

The Register

HIGH 85% confidence outage

Wormable XMRig Campaign Uses BYOVD Exploit

Cybersecurity researchers reveal a new cryptojacking campaign using pirated software to deploy a customized XMRig miner, causing instability on victim systems.

  • Maximize hash rate through destabilizing network performance
  • Utilizes sophisticated multi-stage infection tactics

Linux servers · Windows workstations
action items (2)
  • Deploy endpoint detection and response tools
  • Review and update incident response plan

The Hacker News

CRITICAL 95% confidence cve

ZDI-26-074: GFI Archiver MARC.Core Deserialization Vulnerability

Critical RCE flaw in GFI Archiver's MARC.Core component allows bypassing auth to execute arbitrary code. CVSS rating of 8.8. Includes severity, confidence, and

  • Critical CVSS rating of 8.8 highlights severe risk
  • Authentication mechanisms can be circumvented

GFI Archiver users · Enterprise network administrators
action items (2)
  • Update GFI Archiver to the latest version
  • Configure strict authentication policies

Zero Day Initiative