// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 7 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 1
HIGH (page) 3
MEDIUM (page) 1
LOW (page) 0
HIGH 95% confidence cve

ZDI-26-051: Kemp LoadMaster delcert Command Injection Vulnerability

Progress Software Kemp LoadMaster delcert command injection allows remote code execution with required auth. CVSS rating of 7.1, applies to network-adjacent.

['Exploit allows for unauthorized access and potential system compromise']

Network security operations, systems administrators
action items (1)
  • Apply available patches or updates for Kemp LoadMaster

Zero Day Initiative · 2026-02-27T04:25

HIGH 95% confidence cve

ZDI-26-059: CyberArk EPM Local Privilege Escalation Vulnerability

['CyberArk Endpoint Privilege Management suffers from a local privilege escalation issue. This flaw allows unprivileged users to escalate privileges on. Read fu

['The vulnerability stems from improper privilege management within EPM that permits a local user to execute commands or processes outside of their granted access level.', '96']

WindowsLinux
action items (2)
  • Update EPM immediately using vendor patches or mitigations.
  • Review system configurations and ensure compliance with least privilege principles.

Zero Day Initiative · 2026-02-27T04:24

HIGH 85% confidence cve

ZDI-26-058: AzeoTech DAQFactory Pro CTL File Parsing Vulnerability

Remote code execution vulnerability in AzeoTech DAQFactory Pro via CTL file parsing. CVSS rating of 7.8, CVE-2025-66589. Includes severity, confidence, and acti

['Exploitation requires user interaction', 'Attackers may execute arbitrary code remotely', 'CVSS rating of 7.8 indicates high severity']

WindowsLinuxUnix-like systems
action items (2)
  • Review system configurations for AzeoTech DAQFactory Pro
  • Implement patches or updates provided by vendor

Zero Day Initiative · 2026-02-27T04:24

CRITICAL 95% confidence cve

ZDI-26-057: Apple Safari JavaScriptCore FTL New Array Materialization Type Confusion

Apple Safari's JavaScriptCore FTL has a type confusion vulnerability allowing remote code execution. User interaction is required. Includes severity, confidence

['Type confusion bug in FTL (Fast Transformer Library) of JavaScriptCore can be exploited by malicious websites or files', "Can lead to arbitrary code execution on user's system if visited or opened"]

Apple Safari UsersWeb Developers using JavaScriptCoreNetwork Administrators
action items (3)
  • Install patches or updates provided by Apple immediately
  • Monitor networks for signs of exploitation activity
  • Educate users about risks associated with visiting untrusted websites or opening unknown files

Zero Day Initiative · 2026-02-27T04:23

MEDIUM 85% confidence cve

Apple macOS AppleIntelKBLGraphics OOB Read Disclosure Vulnerability ZDI-26-056

Local attackers can disclose sensitive info on affected macOS systems due to an out-of-bounds read in AppleIntelKBLGraphics. CVE-2025-43283, CVSS:6.5. Includes

['Sensitive data disclosure risk', 'Potential misuse of leaked info by malicious actors']

Apple macOS UsersIT Administrators
action items (2)
  • Install patches provided by Apple
  • Review and enhance system privilege controls

Zero Day Initiative · 2026-02-27T04:23

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:21 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--