Archive snapshot

Tue, Apr 21 · 06:00 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Tue, Apr 21 · 06:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

8

Worth skimming

0

Tracked videos

2

NVD vulnerabilities

25

Top stories

Tue, 21 Apr 2026 23:48:00 +0530

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

9.1/10 · Must read/watch

The Hacker Newsmalware

Summary
Threat actors associated with The Gentlemen ransomware‑as‑a‑service (RaaS) operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control (C2 or C&C) serv

Open article ↗

Tue, Apr 21 · 06:00 PM CDT

The Gentlemen Ransomware Expands With Rapid Affiliate Growth

8.7/10 · Worth your time

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, Apr 21 · 01:00 PM CDT

Meta to start capturing employee mouse movements, keystrokes for AI training

8.5/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Tue, Apr 21 · 01:00 PM CDT

The Vercel breach: OAuth attack exposes risk in platform environment variables

8.4/10 · Worth your time

Hacker Newsidentity

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Tue, Apr 21 · 02:00 PM CDT

Framework Laptop 13 Pro

8.4/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 4 hours ago.

Open article ↗

Tue, Apr 21 · 06:00 PM CDT

Unchecked AI Agents Cause Cybersecurity Incidents at Two Thirds of Firms

8.2/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, Apr 21 · 06:00 PM CDT

Trojanized Android App Fuels New Wave of NFC Fraud

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, Apr 21 · 05:00 PM CDT

CrabTrap: An LLM-as-a-judge HTTP proxy to secure agents in production

8.2/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Worth skimming

Nothing surfaced yet.

Videos worth watching

John Hammond

6.8/10 · Skim only if relevant

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Summary
Free Cybersecurity Education and Ethical Hacking.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NahamSec

6.6/10 · Skim only if relevant

YouTube / NahamSecgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Summary
HACK THE PLANET!! Hi! I'm NahamSec. I think everyone can be a hacker and I'm on a mission to prove that!

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Tue, Jun 24 · 03:15 PM CDT

CVE-2025-32975

10.0/10 · Must read/watch

NVDvuln

Summary
Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385, 13.1.x before 13.1.81, 13.2.x before 13.2.183, 14.0.x before 14.0.341 (Patch 5), and 14.1.x before 14.1.101 (Patch 4) contains an authentication bypass vulnerability that allows attackers to impersonate legitimate users without valid credentials. The

CVECVE-2025-32975

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jun 24 · 03:15 PM CDT

ModifiedMon, Apr 20 · 08:16 PM CDT

Open article ↗

Thu, Apr 02 · 05:16 PM CDT

CVE-2026-25212

9.9/10 · Must read/watch

NVDvuln

Summary
An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system.

CVECVE-2026-25212

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 02 · 05:16 PM CDT

ModifiedTue, Apr 21 · 12:33 AM CDT

Open article ↗

Thu, Apr 02 · 06:16 PM CDT

CVE-2026-34717

9.9/10 · Must read/watch

NVDvuln

Summary
OpenProject is an open-source, web-based project management software. Prior to version 17.2.3, the =n operator in modules/reporting/lib/report/operator.rb:177 embeds user input directly into SQL WHERE clauses without parameterization. This issue has been patched in version 17.2.3.

CVECVE-2026-34717

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 02 · 06:16 PM CDT

ModifiedTue, Apr 21 · 01:03 AM CDT

Open article ↗

Fri, Apr 03 · 06:16 PM CDT

CVE-2026-0545

9.8/10 · Must read/watch

NVDvuln

Summary
In mlflow/mlflow, the FastAPI job endpoints under `/ajax-api/3.0/jobs/*` are not protected by authentication or authorization when the `basic-auth` app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled (`MLFLOW_SERVER_ENABLE_JOB_EXECUTION=true`) and any job functio

CVECVE-2026-0545

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 03 · 06:16 PM CDT

ModifiedTue, Apr 21 · 01:45 AM CDT

Open article ↗

Thu, Apr 02 · 02:16 PM CDT

CVE-2026-2699

9.8/10 · Must read/watch

NVDvuln

Summary
Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

CVECVE-2026-2699

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 02 · 02:16 PM CDT

ModifiedTue, Apr 21 · 12:26 AM CDT

Open article ↗

Fri, Mar 27 · 12:16 PM CDT

CVE-2026-4619

9.8/10 · Must read/watch

NVDvuln

Summary
Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.

CVECVE-2026-4619

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 27 · 12:16 PM CDT

ModifiedMon, Apr 20 · 03:18 PM CDT

Open article ↗

Fri, Mar 27 · 12:16 PM CDT

CVE-2026-4620

9.8/10 · Must read/watch

NVDvuln

Summary
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

CVECVE-2026-4620

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 27 · 12:16 PM CDT

ModifiedMon, Apr 20 · 03:19 PM CDT

Open article ↗

Fri, Mar 27 · 12:16 PM CDT

CVE-2026-4622

9.8/10 · Must read/watch

NVDvuln

Summary
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.

CVECVE-2026-4622

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 27 · 12:16 PM CDT

ModifiedMon, Apr 20 · 03:22 PM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedMon, Apr 20 · 01:00 AM CDT

Open article ↗

Thu, Apr 02 · 02:16 PM CDT

CVE-2026-2701

9.1/10 · Must read/watch

NVDvuln

Summary
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

CVECVE-2026-2701

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 02 · 02:16 PM CDT

ModifiedTue, Apr 21 · 12:28 AM CDT

Open article ↗

Tue, Mar 24 · 05:16 PM CDT

CVE-2026-33340

9.1/10 · Must read/watch

NVDvuln

Summary
LoLLMs WEBUI provides the Web user interface for Lord of Large Language and Multi modal Systems. A critical Server-Side Request Forgery (SSRF) vulnerability has been identified in all known existing versions of `lollms-webui`. The `@router.post("/api/proxy")` endpoint allows unauthenticated attackers to force the serve

CVECVE-2026-33340

SeverityCRITICAL

TypeUPDATED

PublishedTue, Mar 24 · 05:16 PM CDT

ModifiedMon, Apr 20 · 08:22 PM CDT

Open article ↗

Wed, Apr 01 · 02:16 AM CDT

CVE-2026-4374

9.1/10 · Must read/watch

NVDvuln

Summary
Improper Restriction of XML External Entity Reference vulnerability in RTI Connext Professional (Routing Service,Observability Collector,Recording Service,Queueing Service,Cloud Discovery Service) allows Serialized Data External Linking, Data Serializat...

CVECVE-2026-4374

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 01 · 02:16 AM CDT

ModifiedTue, Apr 21 · 12:06 AM CDT

Open article ↗

Tue, Sep 23 · 05:15 PM CDT

CVE-2025-9900

8.8/10 · Worth your time

NVDvuln

Summary
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arb

CVECVE-2025-9900

SeverityHIGH

TypeUPDATED

PublishedTue, Sep 23 · 05:15 PM CDT

ModifiedMon, Apr 20 · 10:16 PM CDT

Open article ↗

Mon, Mar 02 · 07:16 PM CST

CVE-2026-21853

8.8/10 · Worth your time

NVDvuln

Summary
AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in two common scenarios: 1/

CVECVE-2026-21853

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 02 · 07:16 PM CST

ModifiedMon, Apr 20 · 02:53 PM CDT

Open article ↗

Fri, Mar 27 · 03:16 PM CDT

CVE-2026-33755

8.8/10 · Worth your time

NVDvuln

Summary
Group-Office is an enterprise customer relationship management and groupware tool. Prior to versions 6.8.158, 25.0.92, and 26.0.17, an authenticated SQL Injection vulnerability in the JMAP `Contact/query` endpoint allows any authenticated user with basic addressbook access to extract arbitrary data from the database —

CVECVE-2026-33755

SeverityHIGH

TypeUPDATED

PublishedFri, Mar 27 · 03:16 PM CDT

ModifiedMon, Apr 20 · 12:35 PM CDT

Open article ↗

Tue, Mar 24 · 06:16 AM CDT

CVE-2026-33848

8.8/10 · Worth your time

NVDvuln

Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.

CVECVE-2026-33848

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 24 · 06:16 AM CDT

ModifiedMon, Apr 20 · 08:20 PM CDT

Open article ↗

Tue, Mar 24 · 06:16 AM CDT

CVE-2026-33849

8.8/10 · Worth your time

NVDvuln

Summary
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in linkingvision rapidvms.This issue affects rapidvms: before PR#96.

CVECVE-2026-33849

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 24 · 06:16 AM CDT

ModifiedMon, Apr 20 · 08:20 PM CDT

Open article ↗

Thu, Mar 26 · 07:16 AM CDT

CVE-2026-4747

8.8/10 · Worth your time

NVDvuln

Summary
Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notably, this does not require the client to auth

CVECVE-2026-4747

SeverityHIGH

TypeUPDATED

PublishedThu, Mar 26 · 07:16 AM CDT

ModifiedMon, Apr 20 · 01:47 PM CDT

Open article ↗

Thu, Mar 26 · 08:16 PM CDT

CVE-2026-33631

8.7/10 · Worth your time

NVDvuln

Summary
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ES_EVENT_TYPE_AUTH_OPEN events. Seven additional file operation event ty

CVECVE-2026-33631

SeverityHIGH

TypeUPDATED

PublishedThu, Mar 26 · 08:16 PM CDT

ModifiedMon, Apr 20 · 08:22 PM CDT

Open article ↗

Thu, Mar 26 · 12:16 PM CDT

CVE-2018-25208

8.2/10 · Worth your time

NVDvuln

Summary
qdPM 9.1 contains an SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through filter_by parameters. Attackers can submit malicious POST requests to the timeReport endpoint with crafted filter_by[CommentCreatedFrom] and filter_by[CommentCreatedTo] pa

CVECVE-2018-25208

SeverityHIGH

TypeUPDATED

PublishedThu, Mar 26 · 12:16 PM CDT

ModifiedMon, Apr 20 · 02:09 PM CDT

Open article ↗

Mon, Feb 09 · 03:16 PM CST

CVE-2025-59023

8.2/10 · Worth your time

NVDvuln

Summary
Crafted delegations or IP fragments can poison cached delegations in Recursor.

CVECVE-2025-59023

SeverityHIGH

TypeUPDATED

PublishedMon, Feb 09 · 03:16 PM CST

ModifiedMon, Apr 20 · 03:11 PM CDT

Open article ↗

Tue, Mar 11 · 02:15 PM CDT

CVE-2025-27363

8.1/10 · Worth your time

NVDvuln

Summary
An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing

CVECVE-2025-27363

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 11 · 02:15 PM CDT

ModifiedMon, Apr 20 · 01:15 PM CDT

Open article ↗

Tue, Jan 27 · 09:15 AM CST

CVE-2026-21721

8.1/10 · Worth your time

NVDvuln

Summary
The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation.

CVECVE-2026-21721

SeverityHIGH

TypeUPDATED

PublishedTue, Jan 27 · 09:15 AM CST

ModifiedMon, Apr 20 · 05:28 PM CDT

Open article ↗

Sat, Apr 04 · 02:16 PM CDT

CVE-2016-20057

7.8/10 · Worth your time

NVDvuln

Summary
NETGATE Registry Cleaner build 16.0.205 contains an unquoted service path vulnerability in the NGRegClnSrv service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the unquoted path and trigger service restart or system reboot to exe

CVECVE-2016-20057

SeverityHIGH

TypeUPDATED

PublishedSat, Apr 04 · 02:16 PM CDT

ModifiedMon, Apr 20 · 02:25 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2025-15552

7.8/10 · Worth your time

NVDvuln

Summary
Insufficient Session Expiration in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin password.

CVECVE-2025-15552

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedMon, Apr 20 · 01:29 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.