Archive snapshot

Wed, Apr 15 · 06:00 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Wed, Apr 15 · 06:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

8

Worth skimming

0

Tracked videos

1

NVD vulnerabilities

25

Top stories

Wed, 15 Apr 2026 22:39:00 +0530

n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails

9.4/10 · Must read/watch

The Hacker Newsmalwareai

Summary
Threat actors have been observed weaponizing n8n, a popular artificial intelligence (AI) workflow automation platform, to facilitate sophisticated phishing campaigns and deliver malicious payloads or fingerprint devices by sending automated emai

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

OpenAI Unveils GPT-5.4-Cyber for Improving Cyber Defense With AI

8.6/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

Microsoft Fixes Two Zero-Days in April Patch Tuesday

8.5/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

8.5/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Wed, Apr 15 · 01:00 PM CDT

Adaptional (YC S25) is hiring AI engineers

8.5/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

AI Companies to Play Bigger Role in CVE Program, Says CISA

8.3/10 · Worth your time

Infosecurity Magazinevulnai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

European Cybersecurity Agency ENISA Seeks Top-Tier Status in CVE Program

8.3/10 · Worth your time

Infosecurity Magazinevulnpolicy

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Wed, Apr 15 · 06:00 PM CDT

Researchers Spot Surge in Brute-Force Attacks from Middle East

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Nothing surfaced yet.

Videos worth watching

John Hammond

6.8/10 · Skim only if relevant

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Summary
Free Cybersecurity Education and Ethical Hacking.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Thu, Mar 19 · 09:17 PM CDT

CVE-2026-32169

10.0/10 · Must read/watch

NVDvuln

Summary
Server-side request forgery (ssrf) in Azure Cloud Shell allows an unauthorized attacker to elevate privileges over a network.

CVECVE-2026-32169

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 19 · 09:17 PM CDT

ModifiedTue, Apr 14 · 05:14 PM CDT

Open article ↗

Fri, Apr 03 · 11:17 PM CDT

CVE-2026-34938

10.0/10 · Must read/watch

NVDvuln

Summary
PraisonAI is a multi-agent teams system. Prior to version 1.5.90, execute_code() in praisonai-agents runs attacker-controlled Python inside a three-layer sandbox that can be fully bypassed by passing a str subclass with an overridden startswith() method to the _safe_getattr wrapper, achieving arbitrary OS command execu

CVECVE-2026-34938

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 03 · 11:17 PM CDT

ModifiedTue, Apr 14 · 06:07 PM CDT

Open article ↗

Sat, Apr 04 · 02:16 PM CDT

CVE-2016-20052

9.8/10 · Must read/watch

NVDvuln

Summary
Snews CMS 1.7 contains an unrestricted file upload vulnerability that allows unauthenticated attackers to upload arbitrary files including PHP executables to the snews_files directory. Attackers can upload malicious PHP files through the multipart form-data upload endpoint and execute them by accessing the uploaded fil

CVECVE-2016-20052

SeverityCRITICAL

TypeUPDATED

PublishedSat, Apr 04 · 02:16 PM CDT

ModifiedTue, Apr 14 · 07:05 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2017-20223

9.8/10 · Must read/watch

NVDvuln

Summary
Telesquare SKT LTE Router SDT-CS3B1 firmware version 1.2.0 contains an insecure direct object reference vulnerability that allows attackers to bypass authorization and access resources by manipulating user-supplied input parameters. Attackers can directly reference objects in the system to retrieve sensitive informatio

CVECVE-2017-20223

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedTue, Apr 14 · 04:57 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2017-20224

9.8/10 · Must read/watch

NVDvuln

Summary
Telesquare SKT LTE Router SDT-CS3B1 version 1.2.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious content by exploiting enabled WebDAV HTTP methods. Attackers can use PUT, DELETE, MKCOL, MOVE, COPY, and PROPPATCH methods to upload executable code, delete files,

CVECVE-2017-20224

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedTue, Apr 14 · 04:52 PM CDT

Open article ↗

Wed, Apr 14 · 03:15 PM CDT

CVE-2021-27130

9.8/10 · Must read/watch

NVDvuln

Summary
Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.

CVECVE-2021-27130

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 14 · 03:15 PM CDT

ModifiedTue, Apr 14 · 09:31 PM CDT

Open article ↗

Fri, Oct 29 · 06:15 PM CDT

CVE-2021-41646

9.8/10 · Must read/watch

NVDvuln

Summary
Remote Code Execution (RCE) vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters..

CVECVE-2021-41646

SeverityCRITICAL

TypeUPDATED

PublishedFri, Oct 29 · 06:15 PM CDT

ModifiedTue, Apr 14 · 09:33 PM CDT

Open article ↗

Fri, Mar 20 · 02:16 PM CDT

CVE-2024-44722

9.8/10 · Must read/watch

NVDvuln

Summary
SysAK v2.0 and before is vulnerable to command execution via aaa;cat /etc/passwd.

CVECVE-2024-44722

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 20 · 02:16 PM CDT

ModifiedTue, Apr 14 · 08:48 PM CDT

Open article ↗

Tue, Feb 03 · 02:16 AM CST

CVE-2025-67484

9.8/10 · Must read/watch

NVDvuln

Summary
Vulnerability in Wikimedia Foundation MediaWiki. This vulnerability is associated with program files includes/Api/ApiFormatXml.Php. This issue affects MediaWiki: from * before 1.39.16, 1.43.6, 1.44.3, 1.45.1.

CVECVE-2025-67484

SeverityCRITICAL

TypeUPDATED

PublishedTue, Feb 03 · 02:16 AM CST

ModifiedTue, Apr 14 · 01:26 PM CDT

Open article ↗

Fri, Feb 06 · 09:15 AM CST

CVE-2026-21643

9.8/10 · Must read/watch

NVDvuln

Summary
An improper neutralization of special elements used in an sql command ('sql injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

CVECVE-2026-21643

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 06 · 09:15 AM CST

ModifiedTue, Apr 14 · 02:21 PM CDT

Open article ↗

Fri, Mar 20 · 05:16 PM CDT

CVE-2026-22898

9.8/10 · Must read/watch

NVDvuln

Summary
A missing authentication for critical function vulnerability has been reported to affect QVR Pro. The remote attackers can then exploit the vulnerability to gain access to the system. We have already fixed the vulnerability in the following version: QVR Pro 2.7.4.14 and later

CVECVE-2026-22898

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 20 · 05:16 PM CDT

ModifiedTue, Apr 14 · 02:33 PM CDT

Open article ↗

Tue, Feb 03 · 07:16 AM CST

CVE-2026-24465

9.8/10 · Must read/watch

NVDvuln

Summary
Stack-based buffer overflow vulnerability exists in ELECOM wireless LAN access point devices. A crafted packet may lead to arbitrary code execution.

CVECVE-2026-24465

SeverityCRITICAL

TypeUPDATED

PublishedTue, Feb 03 · 07:16 AM CST

ModifiedTue, Apr 14 · 12:59 PM CDT

Open article ↗

Tue, Mar 10 · 07:17 PM CDT

CVE-2026-28292

9.8/10 · Must read/watch

NVDvuln

Summary
`simple-git`, an interface for running git commands in any node.js application, has an issue in versions 3.15.0 through 3.32.2 that allows an attacker to bypass two prior CVE fixes (CVE-2022-25860 and CVE-2022-25912) and achieve full remote code execution on the host machine. Version 3.23.0 contains an updated fix for

CVECVE-2026-28292

SeverityCRITICAL

TypeUPDATED

PublishedTue, Mar 10 · 07:17 PM CDT

ModifiedTue, Apr 14 · 04:16 PM CDT

Open article ↗

Thu, Mar 19 · 09:17 PM CDT

CVE-2026-32191

9.8/10 · Must read/watch

NVDvuln

Summary
Improper neutralization of special elements used in an os command ('os command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network.

CVECVE-2026-32191

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 19 · 09:17 PM CDT

ModifiedTue, Apr 14 · 04:35 PM CDT

Open article ↗

Thu, Mar 19 · 10:16 PM CDT

CVE-2026-32194

9.8/10 · Must read/watch

NVDvuln

Summary
Improper neutralization of special elements used in a command ('command injection') in Microsoft Bing Images allows an unauthorized attacker to execute code over a network.

CVECVE-2026-32194

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 19 · 10:16 PM CDT

ModifiedTue, Apr 14 · 04:35 PM CDT

Open article ↗

Fri, Apr 03 · 11:17 PM CDT

CVE-2026-34934

9.8/10 · Must read/watch

NVDvuln

Summary
PraisonAI is a multi-agent teams system. Prior to version 4.5.90, the get_all_user_threads function constructs raw SQL queries using f-strings with unescaped thread IDs fetched from the database. An attacker stores a malicious thread ID via update_thread. When the application loads the thread list, the injected payload

CVECVE-2026-34934

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 03 · 11:17 PM CDT

ModifiedTue, Apr 14 · 06:15 PM CDT

Open article ↗

Fri, Apr 03 · 11:17 PM CDT

CVE-2026-34935

9.8/10 · Must read/watch

NVDvuln

Summary
PraisonAI is a multi-agent teams system. From version 4.5.15 to before version 4.5.69, the --mcp CLI argument is passed directly to shlex.split() and forwarded through the call chain to anyio.open_process() with no validation, allowlist check, or sanitization at any hop, allowing arbitrary OS command execution as the p

CVECVE-2026-34935

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 03 · 11:17 PM CDT

ModifiedTue, Apr 14 · 06:14 PM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedTue, Apr 14 · 07:00 PM CDT

Open article ↗

Wed, Dec 17 · 11:16 PM CST

CVE-2025-68145

9.1/10 · Must read/watch

NVDvuln

Summary
In mcp-server-git versions prior to 2025.12.17, when the server is started with the --repository flag to restrict operations to a specific repository path, it did not validate that repo_path arguments in subsequent tool calls were actually within that configured path. This could allow tool calls to operate on other rep

CVECVE-2025-68145

SeverityCRITICAL

TypeUPDATED

PublishedWed, Dec 17 · 11:16 PM CST

ModifiedTue, Apr 14 · 03:13 PM CDT

Open article ↗

Wed, Apr 01 · 05:28 PM CDT

CVE-2026-33990

9.1/10 · Must read/watch

NVDvuln

Summary
Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Prior to version 1.1.25, Docker Model Runner contains an SSRF vulnerability in its OCI registry token exchange flow. When pulling a model, Model Runner follows the realm URL from the registry's WWW-Authenticate header without

CVECVE-2026-33990

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 01 · 05:28 PM CDT

ModifiedTue, Apr 14 · 08:08 PM CDT

Open article ↗

Wed, Feb 25 · 04:30 PM CST

CVE-2009-0238

8.8/10 · Worth your time

NVDvuln

Summary
Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafted Excel document tha

CVECVE-2009-0238

SeverityHIGH

TypeUPDATED

PublishedWed, Feb 25 · 04:30 PM CST

ModifiedTue, Apr 14 · 06:16 PM CDT

Open article ↗

Tue, Feb 14 · 08:15 PM CST

CVE-2023-21529

8.8/10 · Worth your time

NVDvuln

Summary
Microsoft Exchange Server Remote Code Execution Vulnerability

CVECVE-2023-21529

SeverityHIGH

TypeUPDATED

PublishedTue, Feb 14 · 08:15 PM CST

ModifiedTue, Apr 14 · 02:44 PM CDT

Open article ↗

Tue, Dec 09 · 04:17 PM CST

CVE-2025-10655

8.8/10 · Worth your time

NVDvuln

Summary
SQL Injection in Frappe HelpDesk in the dashboard get_dashboard_data due to unsafe concatenation of user-controlled parameters into dynamic SQL statements.This issue affects Frappe HelpDesk: 1.14.0.

CVECVE-2025-10655

SeverityHIGH

TypeUPDATED

PublishedTue, Dec 09 · 04:17 PM CST

ModifiedTue, Apr 14 · 03:35 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2025-14287

8.8/10 · Worth your time

NVDvuln

Summary
A command injection vulnerability exists in mlflow/mlflow versions before v3.7.0, specifically in the `mlflow/sagemaker/__init__.py` file at lines 161-167. The vulnerability arises from the direct interpolation of user-supplied container image names into shell commands without proper sanitization, which are then execut

CVECVE-2025-14287

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedTue, Apr 14 · 04:48 PM CDT

Open article ↗

Fri, Mar 20 · 04:16 PM CDT

CVE-2025-67260

8.8/10 · Worth your time

NVDvuln

Summary
The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack TpkWebGIS Client 1.0.0.

CVECVE-2025-67260

SeverityHIGH

TypeUPDATED

PublishedFri, Mar 20 · 04:16 PM CDT

ModifiedTue, Apr 14 · 08:54 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.