// LIVE
INTELCritical Citrix NetScaler memory flaw actively exploited in attacks
INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTELStorm Brews Over Critical, No-Click Telegram Flaw
INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTELHealthcare IT Platform CareCloud Probing Potential Data Breach
INTELSecurity updates for Monday
INTEL'When intelligence and trust move together, AI stops being an experiment and sta
INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTELDisclosure of Replay Attack Vulnerability in Signed References
INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
INTELCritical Citrix NetScaler memory flaw actively exploited in attacks
INTELTelnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTELStorm Brews Over Critical, No-Click Telegram Flaw
INTELFTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTELTeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTELHealthcare IT Platform CareCloud Probing Potential Data Breach
INTELSecurity updates for Monday
INTEL'When intelligence and trust move together, AI stops being an experiment and sta
INTELRussian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTELDisclosure of Replay Attack Vulnerability in Signed References
INTELHackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTELTelnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE(Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVEZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVEZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi
nsysops@ops-intel:~$ ls -lt --range live

OPS INTEL

266 items · ARIA-monitored · page 48 of 54
266
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 3
HIGH (page) 1
MEDIUM (page) 1
LOW (page) 0
CRITICAL 90% confidence outage

'Starkiller' Phishing Service Proxies Real Login Pages with MFA

['Starkiller phishing service uses real login pages as proxies for MFA attacks.', 'Stealthy Starkiller phishing service bypasses security measures by proxying.

['Starkiller leverages real login pages, reducing detection by security teams who monitor static phishing copies.', 'The method bypasses typical preventive measures like MFA, making it harder to identify and block malici

Enterprise web servicesFinancial institutions
action items (2)
  • Review current MFA solutions and their effectiveness against proxy-based attacks.
  • Educate users on recognizing suspicious login behaviors and the risks of phishing.

Krebs on Security ·

CRITICAL 95% confidence advisory

CISA Urges Rapid Patching of Actively Exploited Dell Vulnerability

Federal agencies have three days to address a critical Dell bug exploited since mid-2024. CISA warns of espionage threats linked to hardcoded credentials in.

['The flaw involves hardcoded credentials and has been actively exploited since mid-2024', 'Exploitation could lead to espionage threats against government networks']

Federal agenciesCritical infrastructure operators
action items (2)
  • Review and update patch management policies
  • Conduct an inventory of all Dell RecoverPoint installations

The Register ·

MEDIUM 80% confidence outage

Amazon Denies Kiro Agentic AI Behind Outage

['AWS suffered outages reportedly caused by its own agentic AI coding tools, but Amazon claims user misconfiguration as the root cause.'] Includes severity, con

['Operators need to understand potential risks associated with advanced AI tools and ensure robust security practices are in place to prevent similar incidents due to configuration errors or unexpected behavior.']

AWS usersCloud service operators
action items (2)
  • Review existing access controls for AI integration
  • Update incident response plans to account for potential issues with agentic AI

The Register ·

HIGH 90% confidence outage

FBI Warns of Rising ATM Jackpotting Incidents

['FBI reports over 1,900 ATM jackpotting incidents since 2020 with losses exceeding $20M in 2025. Operators must stay vigilant against such attacks.'] Includes

['ATM jackpotting attacks involve criminals exploiting vulnerabilities to illegally dispense cash from ATMs.', 'Operators need to enhance security measures and monitor suspicious activities regularly.']

Financial InstitutionsATM Operators
action items (2)
  • Review current ATM security protocols and upgrade where necessary.
  • Train staff to identify and respond to suspicious activity at ATMs.

The Hacker News ·

CRITICAL 95% confidence outage

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA adds five new vulnerabilities to its KEV Catalog due to active exploitation threats. Prioritize remediation for CVE-2018-14634, CVE-2025-52691. Read full o

['Malicious actors actively exploit these vulnerabilities', 'These vulnerabilities present significant risks to federal enterprises']

Federal Civilian Executive Branch agenciesAll organizations managing federal networks
action items (3)
  • Review the KEV catalog regularly
  • Prioritize remediation of listed vulnerabilities
  • Implement multi-layered security measures

CISA Current Activity ·

ONLINE | ARIA: aria-32b | COMMIT: 32fceff | UPTIME: 45d 13:24 | LAST SCAN: 116H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--