Archive snapshot

Thu, Apr 23 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Thu, Apr 23 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

0

NVD vulnerabilities

25

Top stories

Thu, 23 Apr 2026 14:10:00 +0530

Vercel Finds More Compromised Accounts in Context.ai-Linked Breach

9.8/10 · Must read/watch

The Hacker Newsaiidentity

Summary
Vercel on Wednesday revealed that it has identified an additional set of customer accounts that were compromised as part of a security incident that enabled unauthorized access to its internal systems. The company said it made the discovery after expanding its

Open article ↗

Thu, 23 Apr 2026 13:36:00 +0530

Apple Fixes iOS Flaw That Let FBI Recover Deleted Signal Messages

9.4/10 · Must read/watch

The Hacker Newsvuln

Summary
Apple has rolled out a software fix for iOS and iPadOS to address a Notification Services flaw that stored notifications marked for deletion on the device. The vulnerability, tracked as CVE-2026-28950 (CVSS score: N/A), has been described as a logging issue th

Open article ↗

Thu, Apr 23 · 06:00 AM CDT

Researchers Uncover 10 In-the-Wild Prompt Injection Payloads Targeting AI Agents

9.1/10 · Must read/watch

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, Apr 23 · 06:00 AM CDT

NCSC Backs Passkeys, Hailing a New Era of Sign-in

8.7/10 · Worth your time

Infosecurity Magazineaipolicy

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, Apr 23 · 06:00 AM CDT

Cyber-Attacks Surge 63% Annually in Education Sector

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Thu, Apr 23 · 06:00 AM CDT

Surge in Silent Subject Phishing Attacks Targets VIP Users

8.1/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, 23 Apr 2026 14:34:00 +0530

China-Linked GopherWhisper Infects 12 Mongolian Government Systems with Go Backdoors

8.1/10 · Worth your time

The Hacker Newspolicy

Summary
Mongolian governmental institutions have emerged as the target of a previously undocumented China-aligned advanced persistent threat (APT) group tracked as GopherWhisper. "The group wields a wide array of tools mostly written in Go, using injectors and loaders

Open article ↗

Thu, Apr 23 · 01:00 AM CDT

Our newsroom AI policy

8.1/10 · Worth your time

Hacker Newsaipolicy

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Thu, Apr 23 · 05:00 AM CDT

Do you want the US to "win" AI?

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Thu, Apr 23 · 06:00 AM CDT

Former Ransomware Negotiator Pleads Guilty to Working For BlackCat Cyber Gang

7.8/10 · Worth your time

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Nothing surfaced yet.

NVD vulnerabilities

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5021

9.8/10 · Must read/watch

NVDvuln

Summary
Multiple PHP remote file inclusion vulnerabilities in redgun RedBLoG 0.5 allow remote attackers to execute arbitrary PHP code via a URL in (1) the root parameter in imgen.php, and the root_path parameter in (2) admin/config.php, (3) common.php, and (4) admin/index.php. NOTE: the provenance of this information is unknow

CVECVE-2006-5021

SeverityCRITICAL

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5024

9.8/10 · Must read/watch

NVDvuln

Summary
Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.4 have unknown impact and attack vectors.

CVECVE-2006-5024

SeverityCRITICAL

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Thu, Sep 28 · 06:07 PM CDT

CVE-2006-3738

10.0/10 · Must read/watch

NVDvuln

Summary
Buffer overflow in the SSL_get_shared_ciphers function in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions has unspecified impact and remote attack vectors involving a long list of ciphers.

CVECVE-2006-3738

SeverityHIGH

TypeUPDATED

PublishedThu, Sep 28 · 06:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 01:07 AM CDT

CVE-2006-5008

10.0/10 · Must read/watch

NVDvuln

Summary
Unspecified vulnerability in utape in IBM AIX 5.2.0 and 5.3.0 allows attackers to execute arbitrary commands and overwrite arbitrary files via unspecified vectors.

CVECVE-2006-5008

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 01:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5025

10.0/10 · Must read/watch

NVDvuln

Summary
Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.2 have unknown impact and attack vectors.

CVECVE-2006-5025

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5026

10.0/10 · Must read/watch

NVDvuln

Summary
Multiple unspecified vulnerabilities in Paisterist Simple HTTP Scanner (sHTTPScanner) before 0.3 have unknown impact and attack vectors.

CVECVE-2006-5026

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 07:07 PM CDT

CVE-2006-4694

9.3/10 · Must read/watch

NVDvuln

Summary
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it

CVECVE-2006-4694

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 07:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 01:07 AM CDT

CVE-2006-5014

8.8/10 · Worth your time

NVDvuln

Summary
Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.

CVECVE-2006-5014

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 01:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5051

8.1/10 · Worth your time

NVDvuln

Summary
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

CVECVE-2006-5051

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Thu, Sep 28 · 06:07 PM CDT

CVE-2006-2937

7.8/10 · Worth your time

NVDvuln

Summary
OpenSSL 0.9.7 before 0.9.7l and 0.9.8 before 0.9.8d allows remote attackers to cause a denial of service (infinite loop and memory consumption) via malformed ASN.1 structures that trigger an improperly handled error condition.

CVECVE-2006-2937

SeverityHIGH

TypeUPDATED

PublishedThu, Sep 28 · 06:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Thu, Sep 28 · 06:07 PM CDT

CVE-2006-2940

7.8/10 · Worth your time

NVDvuln

Summary
OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows attackers to cause a denial of service (CPU consumption) via parasitic public keys with large (1) "public exponent" or (2) "public modulus" values in X.509 certificates that require extra time to process when using RSA signature verification.

CVECVE-2006-2940

SeverityHIGH

TypeUPDATED

PublishedThu, Sep 28 · 06:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 01:07 AM CDT

CVE-2006-4924

7.8/10 · Worth your time

NVDvuln

Summary
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

CVECVE-2006-4924

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 01:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 01:07 AM CDT

CVE-2006-5013

7.8/10 · Worth your time

NVDvuln

Summary
Sun Solaris 10 before patch 118855-16 (20060925), when run on x64 systems using IPv6, allows remote attackers to cause a denial of service (kernel panic) via crafted IPv6 packets.

CVECVE-2006-5013

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 01:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Fri, Sep 29 · 12:07 AM CDT

CVE-2006-5073

7.8/10 · Worth your time

NVDvuln

Summary
Unspecified vulnerability in Sun Solaris 8, 9 and 10 allows remote attackers to cause a denial of service (panic) via crafted IPv6 packets, a different vulnerability than CVE-2006-5013.

CVECVE-2006-5073

SeverityHIGH

TypeUPDATED

PublishedFri, Sep 29 · 12:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Fri, Sep 29 · 12:07 AM CDT

CVE-2006-5075

7.8/10 · Worth your time

NVDvuln

Summary
The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before 20060926 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.

CVECVE-2006-5075

SeverityHIGH

TypeUPDATED

PublishedFri, Sep 29 · 12:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Tue, Oct 03 · 04:02 AM CDT

CVE-2006-4394

7.5/10 · Worth your time

NVDvuln

Summary
A logic error in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIds to bypass service access controls and log into the system using loginwindow via unknown vectors.

CVECVE-2006-4394

SeverityHIGH

TypeUPDATED

PublishedTue, Oct 03 · 04:02 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 01:07 AM CDT

CVE-2006-5015

7.5/10 · Worth your time

NVDvuln

Summary
PHP remote file inclusion vulnerability in hit.php in Kietu 3.2 allows remote attackers to execute arbitrary PHP code via an FTP URL in the url_hit parameter.

CVECVE-2006-5015

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 01:07 AM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5017

7.5/10 · Worth your time

NVDvuln

Summary
SQL injection vulnerability in admin/all_users.php in Szava Gyula and Csaba Tamas e-Vision CMS, probably 1.0, allows remote attackers to execute arbitrary SQL commands via the from parameter.

CVECVE-2006-5017

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5020

7.5/10 · Worth your time

NVDvuln

Summary
Multiple PHP remote file inclusion vulnerabilities in SolidState 0.4 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the base_path parameter in manager/pages/ scripts including (1) AccountsPage.class.php, (2) AddInvoicePage.class.php, (3) AddIPAddressPage.class.php, (4) AddPaymentPage.clas

CVECVE-2006-5020

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5022

7.5/10 · Worth your time

NVDvuln

Summary
PHP remote file inclusion vulnerability in includes/global.php in Joshua Wilson pNews System 1.1.0 (aka PowerNews) allows remote attackers to execute arbitrary PHP code via a URL in the nbs parameter.

CVECVE-2006-5022

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5023

7.5/10 · Worth your time

NVDvuln

Summary
SQL injection vulnerability in kategori.asp in xweblog 2.1 and earlier allows remote attackers to execute arbitrary SQL commands via the kategori parameter.

CVECVE-2006-5023

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5029

7.5/10 · Worth your time

NVDvuln

Summary
SQL injection vulnerability in thread.php in WoltLab Burning Board (wBB) 2.3.x allows remote attackers to obtain the version numbers of PHP, MySQL, and wBB via the page parameter. NOTE: this issue might be a forced SQL error. Also, the original report was disputed by a third party for 2.3.3 and 2.3.4.

CVECVE-2006-5029

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5030

7.5/10 · Worth your time

NVDvuln

Summary
SQL injection vulnerability in modules/messages/index.php in exV2 2.0.4.3 and earlier allows remote authenticated users to execute arbitrary SQL commands via the sort parameter.

CVECVE-2006-5030

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5032

7.5/10 · Worth your time

NVDvuln

Summary
PHP remote file inclusion vulnerability in dix.php3 in PHPartenaire 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the url_phpartenaire parameter.

CVECVE-2006-5032

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Wed, Sep 27 · 11:07 PM CDT

CVE-2006-5038

7.5/10 · Worth your time

NVDvuln

Summary
The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 01_02_07, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet.

CVECVE-2006-5038

SeverityHIGH

TypeUPDATED

PublishedWed, Sep 27 · 11:07 PM CDT

ModifiedThu, Apr 23 · 12:35 AM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.