// LIVE
INTEL Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL Storm Brews Over Critical, No-Click Telegram Flaw
INTEL FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL Security updates for Monday
INTEL 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL Disclosure of Replay Attack Vulnerability in Signed References
INTEL Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
nsysops@ops-intel:~$ ls -lt --range live

OPS INTEL

266 items · ARIA-monitored · page 36 of 54
CRITICAL (page) 1
HIGH (page) 4
MEDIUM (page) 0
LOW (page) 0
HIGH 95% confidence advisory

Bypassing Windows Administrator Protection with UI Access

Google Project Zero reveals 5 root causes of bypasses in the new Windows Administrator Protection feature, focusing on implementation issues and. Read full op

This research underscores the importance of re-evaluating existing security features and understanding long-standing issues like UI Access in context with modern exploitation techniques.

Windows Administrators, Security Analysts
action items (2)
  • Review and understand the implications of UI Access control in your Windows environment
  • Implement monitoring to detect unauthorized access to administrative interfaces via user interfaces

Google Project Zero ·

HIGH 95% confidence advisory

AI Prompt RCE Exploit Alert for SysAdmins

Alert on AI prompt Remote Code Execution (RCE) and other threats targeting system vulnerabilities. Stay informed with NSYSOps Intel. Includes severity, confiden

  • Exploits leverage trusted AI systems to evade detection.
  • Attack patterns shift towards simpler initial access methods but complex post-compromise tactics.
  • RCE vulnerabilities provide attackers with full control o

IT security teams, DevOps engineers
action items (3)
  • Conduct a thorough audit of all AI systems and their integrations.
  • Enhance monitoring to detect unusual activity or RCE attempts.
  • Deploy signature-based detection for known malware vectors.

The Hacker News ·

HIGH 90% confidence outage

AWS Incident: Over 600 FortiGate Firewalls Compromised

Russian-speaking cybercriminals used AI tools to compromise over 600 internet-exposed FortiGate firewalls across 55 countries. Incident highlights the.

  • Generative AI was used to enhance attack vectors and automate discovery of vulnerable firewalls.
  • Lack of proper firewall security practices and exposure to the internet made these devices susceptible to attacks.

Network administrators, Security professionals
action items (2)
  • Conduct a thorough audit of exposed network infrastructure.
  • Review and enhance firewall security configurations immediately.

The Register ·

HIGH 85% confidence outage

Malicious npm Packages Harvest Crypto Keys

Active supply chain worm campaign uses npm packages to steal credentials and crypto keys. Researchers warn of SANDWORM_MODE campaign leveraging 19+. Read f

  • Malicious packages can compromise build integrity and steal sensitive credentials.
  • Supply chain attacks pose significant risks to software delivery processes.

javascript_devs, npm_users, devops_teams
action items (2)
  • Audit npm packages used across the organization
  • Implement or enforce security policies for third-party software integration

The Hacker News ·

CRITICAL 95% confidence cve

ZDI-26-105 MLflow Tracking Server Vulnerability

Remote attackers can execute arbitrary code on MLflow Tracking Server due to a directory traversal flaw. No auth required. Includes severity, confidence, and ac

  • Failure to sanitize input leads to directory traversal vulnerability
  • Lack of proper access controls allows RCE

MLflow users, DevOps teams managing MLflow deployments
action items (2)
  • Upgrade MLflow Tracking Server to mitigate vulnerability
  • Monitor logs and network traffic for suspicious activity

Zero Day Initiative ·