// LIVE
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
HOLEConditional Impls
RADARA new 'work from home' age? Governments across Asia order employees to stay home
OPSSupply-chain attack using invisible code hits GitHub and other repositories
RADARTitle: Meta’s massive undersea cable project has been put on hold by regional ho
RADAR'Are you freaking crazy?' Bot harasses woman, gets led away by cops
OPSCredential-stealing crew spoofs VPN clients from Cisco, Fortinet, and others
HOLEOpenClaw and the Dream of Free Labour
INTELMeta Platforms: Lobbying, Dark Money, and the App Store Accountability Act
OPSMajor SocksEscort proxy network powered by Linux malware taken down by FBI and o
HOLEThe Plumbing of Everyday Magic
INTELShow HN: Algorithms and Data Structures in TypeScript – Free Book (~400 Pages)
INTELThe Download: how AI is used for military targeting, and the Pentagon’s war on C
CVEnpm cli Local Privilege Escalation Vulnerability (CVE-2026-0775)
CVEZDI-26-044: Windows Desktop Window Manager Use-After-Free Privilege Escalation V
CVEJanuary 2026 Patch Tuesday - Critical Vulnerabilities Addressed
nsysops@ops-intel:~$ ls -lt --range live
OPS INTEL
209 items · ARIA-monitored · page 9 of 42
209
TOTAL
CRITICAL
HIGH
ACTIONABLE
WALLBOARD ↗
AUTO-APPROVED TODAY
LLM STATUS
CRITICAL (page) 4
HIGH (page) 1
MEDIUM (page) 0
LOW (page) 0
CRITICAL 90% confidence cve

ZDI-26-066: Lexmark CX532adwe Heap-based Buffer Overflow RCE Vulnerability

Network-adjacent attackers can execute arbitrary code on Lexmark CX532adwe printers due to a heap-based buffer overflow. No authentication required. Includes se

['Critical network devices like printers should not have exploitable vulnerabilities', 'Remote code execution can lead to full control over the device and potentially lateral movement within a network']

Printer AdministratorsNetwork Security Teams
action items (2)
  • Review network segmentation for critical devices like Lexmark CX532adwe
  • Implement or update Intrusion Detection Systems to monitor for suspicious getCFFNames API activity

Zero Day Initiative · 2026-02-27T03:49

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe usecmap Type Confusion Remote Code Execution Vulnerability

A critical remote code execution flaw in Lexmark CX532adwe printers allows unauthenticated attackers to execute arbitrary commands. Includes severity, confidenc

['Lack of proper validation and sanitization in usecmap processing', 'Permissive access control configuration allowing network-adjacent attacks']

network printersoffice equipment
action items (2)
  • Check if devices are impacted and assess exposure risk
  • Update firmware and apply security updates immediately

Zero Day Initiative · 2026-02-27T03:49

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe execuserobject Heap-based Buffer Overflow Remote Code Execution Vulnerability ZDI-26-064

Lexmark CX532adwe printers are vulnerable to a heap-based buffer overflow leading to remote code execution. Auth isn't required. Includes severity, confidence,

['Buffer overflow can lead to unauthorized system access', 'No auth needed for exploitation']

Network administratorsIT security professionals
action items (2)
  • Identify and patch all instances of affected hardware
  • Monitor for unusual activity on network segments containing the printers

Zero Day Initiative · 2026-02-27T03:49

CRITICAL 95% confidence cve

(Pwn2Own) Lexmark CX532adwe libesffls Directory Traversal RCE Vulnerability

Network-adjacent attackers can execute arbitrary code on Lexmark CX532adwe printers without authentication due to a directory traversal remote code execution.

['Impact on corporate and home networks', 'Potential for data exfiltration and system compromise', 'Risk of service disruption and loss']

IT administratorsNetwork Security TeamsPrinter Management Personnel
action items (3)
  • Review Lexmark CX532adwe usage in your environment
  • Apply available security updates immediately
  • Implement network segmentation around critical assets

Zero Day Initiative · 2026-02-27T03:49

HIGH 90% confidence cve

ZDI-26-062: Lexmark CX532adwe esfhelper Vulnerability

['Local attackers can escalate privileges on Lexmark CX532adwe printers. CVE-2025-65078, CVSS rating of 7.8.', 'ZDI alert for Lexmark CX532adwe with untrusted.

['Attackers need to execute low-privileged code initially, but this flaw allows for privilege escalation.']

Lexmark CX532adwe usersIT administrators managing networked printers
action items (3)
  • Audit existing Lexmark CX532adwe printer deployments
  • Apply vendor-provided patches immediately
  • Review and enforce least privilege access controls

Zero Day Initiative · 2026-02-27T03:49

ONLINE | ARIA: aria-32b | COMMIT: 55adc43 | UPTIME: 24d 15:11 | LAST SCAN: 14H AGO
CORE API: ONLINE TWITCH: OFFLINE --:--:--