Archive snapshot

Mon, Apr 13 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Mon, Apr 13 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

8

Worth skimming

0

Tracked videos

0

NVD vulnerabilities

25

Top stories

Mon, 13 Apr 2026 14:45:00 +0530

North Korea's APT37 Uses Facebook Social Engineering to Deliver RokRAT Malware

9.4/10 · Must read/watch

The Hacker Newsmalwareai

Summary
The North Korean hacking group tracked as APT37 (aka ScarCruft) has been attributed to a fresh multi-stage, social engineering campaign in which threat actors approached targets on Facebook and added them as friends on the social media platform, turning t

Open article ↗

Mon, 13 Apr 2026 12:20:00 +0530

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

9.4/10 · Must read/watch

The Hacker Newssupply-chainai

Summary
OpenAI revealed a GitHub Actions workflow used to sign its macOS apps led to the download of the malicious Axios library on March 31, but noted that no user data or internal system was compromised. "Out of an abundance of caution, we are taking steps to protec

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Bitcoin Depot Reports $3.6m Crypto Theft After System Breach

8.1/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Google Chrome Rolls Out Protection Against Infostealers Targeting Session Cookies

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Google API Keys Quietly Gain Access to Gemini on Android Devices

8.0/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Critical Vulnerability in Ninja Forms Exposes WordPress Sites

8.0/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Just Three Ransomware Gangs Accounted for 40% of Attacks Last Month

7.8/10 · Worth your time

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, Apr 13 · 06:00 AM CDT

Governance Gaps Emerge as AI Agents Drive 76% Increase in NHIs

7.8/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Nothing surfaced yet.

Videos worth watching

Nothing surfaced yet.

NVD vulnerabilities

Fri, Apr 10 · 08:16 PM CDT

CVE-2026-40175

10.0/10 · Must read/watch

NVDvuln

Summary
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-party dependency to be escalated into Remote Code Execution (RCE) or Full Cloud Compromise (via AWS IMDSv2 bypass). This vul

CVECVE-2026-40175

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 10 · 08:16 PM CDT

ModifiedMon, Apr 13 · 10:16 AM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2019-25709

9.8/10 · Must read/watch

NVDvuln

Summary
CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete all pictures via the d parameter.

CVECVE-2019-25709

SeverityCRITICAL

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Sun, Apr 12 · 11:16 PM CDT

CVE-2026-6131

9.8/10 · Must read/watch

NVDvuln

Summary
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack may be launched remotely. The exploit ha

CVECVE-2026-6131

SeverityCRITICAL

TypeNEW

PublishedSun, Apr 12 · 11:16 PM CDT

ModifiedSun, Apr 12 · 11:16 PM CDT

Open article ↗

Sun, Apr 12 · 11:16 PM CDT

CVE-2026-6132

9.8/10 · Must read/watch

NVDvuln

Summary
A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is possible. The exploit has be

CVECVE-2026-6132

SeverityCRITICAL

TypeNEW

PublishedSun, Apr 12 · 11:16 PM CDT

ModifiedSun, Apr 12 · 11:16 PM CDT

Open article ↗

Mon, Apr 13 · 12:16 AM CDT

CVE-2026-6138

9.8/10 · Must read/watch

NVDvuln

Summary
A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploit has been published a

CVECVE-2026-6138

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 12:16 AM CDT

ModifiedMon, Apr 13 · 12:16 AM CDT

Open article ↗

Mon, Apr 13 · 01:16 AM CDT

CVE-2026-6139

9.8/10 · Must read/watch

NVDvuln

Summary
A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclose

CVECVE-2026-6139

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 01:16 AM CDT

ModifiedMon, Apr 13 · 01:16 AM CDT

Open article ↗

Mon, Apr 13 · 01:16 AM CDT

CVE-2026-6140

9.8/10 · Must read/watch

NVDvuln

Summary
A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely. The exploit has been m

CVECVE-2026-6140

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 01:16 AM CDT

ModifiedMon, Apr 13 · 01:16 AM CDT

Open article ↗

Mon, Apr 13 · 04:16 AM CDT

CVE-2026-6154

9.8/10 · Must read/watch

NVDvuln

Summary
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiated remotely. The explo

CVECVE-2026-6154

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 04:16 AM CDT

ModifiedMon, Apr 13 · 04:16 AM CDT

Open article ↗

Mon, Apr 13 · 04:16 AM CDT

CVE-2026-6155

9.8/10 · Must read/watch

NVDvuln

Summary
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched remotely. The exploit has be

CVECVE-2026-6155

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 04:16 AM CDT

ModifiedMon, Apr 13 · 04:16 AM CDT

Open article ↗

Mon, Apr 13 · 04:16 AM CDT

CVE-2026-6156

9.8/10 · Must read/watch

NVDvuln

Summary
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument Comment leads to os command injection. Remote exploitation of the attack is possible. The exploit h

CVECVE-2026-6156

SeverityCRITICAL

TypeNEW

PublishedMon, Apr 13 · 04:16 AM CDT

ModifiedMon, Apr 13 · 04:16 AM CDT

Open article ↗

Thu, Mar 05 · 02:16 AM CST

CVE-2025-40931

9.1/10 · Must read/watch

NVDvuln

Summary
Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The default session id generator returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID will come from a small set of numb

CVECVE-2025-40931

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 05 · 02:16 AM CST

ModifiedSun, Apr 12 · 06:16 PM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedThu, Apr 09 · 01:00 AM CDT

Open article ↗

Sun, Apr 12 · 11:16 PM CDT

CVE-2026-6133

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulation of the argument page leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

CVECVE-2026-6133

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 11:16 PM CDT

ModifiedSun, Apr 12 · 11:16 PM CDT

Open article ↗

Sun, Apr 12 · 11:16 PM CDT

CVE-2026-6134

8.8/10 · Worth your time

NVDvuln

Summary
A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Performing a manipulation of the argument qos results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been relea

CVECVE-2026-6134

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 11:16 PM CDT

ModifiedSun, Apr 12 · 11:16 PM CDT

Open article ↗

Mon, Apr 13 · 12:16 AM CDT

CVE-2026-6135

8.8/10 · Worth your time

NVDvuln

Summary
A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been made available to the public

CVECVE-2026-6135

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 12:16 AM CDT

ModifiedMon, Apr 13 · 12:16 AM CDT

Open article ↗

Mon, Apr 13 · 12:16 AM CDT

CVE-2026-6136

8.8/10 · Worth your time

NVDvuln

Summary
A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

CVECVE-2026-6136

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 12:16 AM CDT

ModifiedMon, Apr 13 · 12:16 AM CDT

Open article ↗

Mon, Apr 13 · 12:16 AM CDT

CVE-2026-6137

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may

CVECVE-2026-6137

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 12:16 AM CDT

ModifiedMon, Apr 13 · 12:16 AM CDT

Open article ↗

Mon, Apr 13 · 04:16 AM CDT

CVE-2026-6157

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.

CVECVE-2026-6157

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 04:16 AM CDT

ModifiedMon, Apr 13 · 04:16 AM CDT

Open article ↗

Mon, Apr 13 · 07:16 AM CDT

CVE-2026-6168

8.8/10 · Worth your time

NVDvuln

Summary
A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be use

CVECVE-2026-6168

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 07:16 AM CDT

ModifiedMon, Apr 13 · 07:16 AM CDT

Open article ↗

Mon, Apr 13 · 07:16 AM CDT

CVE-2026-5936

8.5/10 · Worth your time

NVDvuln

Summary
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints (e.g., cloud metadata services), or bypass network access controls,

CVECVE-2026-5936

SeverityHIGH

TypeNEW

PublishedMon, Apr 13 · 07:16 AM CDT

ModifiedMon, Apr 13 · 07:16 AM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2018-25258

8.4/10 · Worth your time

NVDvuln

Summary
RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based buffer overflow, execute a

CVECVE-2018-25258

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2019-25689

8.4/10 · Worth your time

NVDvuln

Summary
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and sp

CVECVE-2019-25689

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2019-25691

8.4/10 · Worth your time

NVDvuln

Summary
Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer over

CVECVE-2019-25691

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2019-25695

8.4/10 · Worth your time

NVDvuln

Summary
R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like calc.exe when the payload is pasted into the

CVECVE-2019-25695

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Sun, Apr 12 · 01:16 PM CDT

CVE-2019-25701

8.4/10 · Worth your time

NVDvuln

Summary
Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and execute arbitrary code

CVECVE-2019-25701

SeverityHIGH

TypeNEW

PublishedSun, Apr 12 · 01:16 PM CDT

ModifiedSun, Apr 12 · 01:16 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.