// LIVE
INTEL: Critical Citrix NetScaler memory flaw actively exploited in attacks
INTEL: Telnyx joins LiteLLM in latest PyPI package poisoning tied to Trivy breach
INTEL: Storm Brews Over Critical, No-Click Telegram Flaw
INTEL: FTC Action Against Match and OkCupid for Deceiving Users, Sharing Personal Data
INTEL: TeamPCP Supply Chain Campaign: Update 004 - Databricks Investigating Alleged Com
INTEL: Healthcare IT Platform CareCloud Probing Potential Data Breach
INTEL: Security updates for Monday
INTEL: 'When intelligence and trust move together, AI stops being an experiment and sta
INTEL: Russian APT Star Blizzard Adopts DarkSword iOS Exploit Kit
INTEL: Disclosure of Replay Attack Vulnerability in Signed References
INTEL: Hackers now exploit critical F5 BIG-IP flaw in attacks, patch now
INTEL: Telnyx Targeted in Growing TeamPCP Supply Chain Attack
CVE: (Pwn2Own) Canon imageCLASS MF654Cdw TTF Parsing Out-Of-Bounds Write Remote Code
CVE: ZDI-26-204: Canon imageCLASS MF654Cdw XPS Parser Vulnerability
CVE: ZDI-26-202: QNAP TS-453E Hyper Data Protector Plugin SQL Injection RCE Vulnerabi

OPS INTEL

266 items · ARIA-monitored · page 6 of 54
CRITICAL (page) 0
HIGH (page) 4
MEDIUM (page) 1
LOW (page) 0
HIGH 85% confidence outage

Iran Internet Blackout Continues Day 18

Iran's internet blackout continues into day 18, with 'privileged access' granted to select individuals while the majority remain offline. Monitoring. Read

The prolonged outage disrupts normal network operations and communication. Monitoring reveals widespread connectivity issues affecting multiple ISPs and infrastructure components.

Iran
action items (2)
  • Review contingency plans for prolonged outages.
  • Engage with local ISPs for updates on service availability.

The Register ·

MEDIUM 50% confidence general

Out-of-Band Hotpatch for Windows 11 Bluetooth Issues

Microsoft releases out-of-band hotpatch to address critical Bluetooth issues in Windows 11 versions 24H2 and 25H2. Includes severity, confidence, and action

The update is critical due to potential security vulnerabilities that could be exploited by attackers through compromised Bluetooth devices.

Windows 11 24H2, Windows 11 25H2
action items (2)
  • Install the latest Microsoft hotpatch for Windows 11 systems as soon as it becomes available.
  • Review security logs for signs of exploitation prior to patch installation.

The Register ·

HIGH 90% confidence outage

LeakNet Ransomware Embraces ClickFix via Compromised Sites

LeakNet ransomware now uses the ClickFix social engineering tactic delivered through hacked websites. Users are tricked into running malicious commands.

This shift towards social engineering techniques like ClickFix poses a new challenge for security operations teams, as it bypasses traditional defensive measures against stolen credentials or malware exploitation. U

Web operations, Network security
action items (2)
  • Review existing security policies related to credential management and social engineering protection.
  • Deploy detection mechanisms targeting the ClickFix tactic and Deno in-memory loaders.

The Hacker News ·

HIGH 85% confidence outage

DarkSword iOS Exploit Kit Uses 6 Flaws, 3 Zero-Days

DarkSword iOS exploit kit targets six flaws, including three zero-days, for full device takeover since November 2025. Used by multiple threat actors. Includes s

Threat actors can gain full control over targeted iOS devices. Sensitive information at risk due to zero-day exploits.

iOS users and administrators, IT security teams
action items (3)
  • Update affected systems immediately
  • Increase monitoring efforts for potential exploitation activity
  • Review incident response plans for immediate action

The Hacker News ·

HIGH 95% confidence outage

EU Sanctions Iranian Cyber Front Over Election Meddling and Charlie Hebdo Breach

European Union sanctions Emennet Pasargad, a company linked to Iranian state-sponsored cyberattacks including election interference and the Charlie Hebdo hack.

To deter future cyberattacks by imposing economic penalties on entities linked to state-sponsored hacking.

Government, Media, Financial Institutions
action items (2)
  • Review and update incident response plans for potential state-sponsored attacks
  • Enhance security measures around critical assets like election infrastructure and media entities

The Register ·