Archive snapshot

Thu, Apr 30 · 12:00 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Thu, Apr 30 · 12:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

0

NVD vulnerabilities

25

Top stories

Thu, Apr 30 · 12:00 PM CDT

UK: Education Sector Faces Surge in Cyber Breaches Despite Stable National Threat Levels

9.4/10 · Must read/watch

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, Apr 30 · 11:10 AM CDT

Shai-Hulud Themed Malware Found in the PyTorch Lightning AI Training Library

9.2/10 · Must read/watch

Hacker Newsmalwareai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 50 minutes ago.

Open article ↗

Thu, 30 Apr 2026 18:06:00 +0530

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

8.9/10 · Worth your time

The Hacker Newsaiidentity

Summary
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts. "The intrusion

Open article ↗

Thu, 30 Apr 2026 17:00:00 +0530

EtherRAT Distribution Spoofing Administrative Tools via GitHub Facades

8.9/10 · Worth your time

The Hacker Newssupply-chainai

Summary
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege professional accounts of enterprise administrators, DevOps engineers, and securi

Open article ↗

Thu, Apr 30 · 12:00 PM CDT

Three Arrested for Hacking Over 610,000 Roblox Accounts

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Thu, Apr 30 · 12:00 PM CDT

Deep#Door Python Backdoor Evades Detection On Windows

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, Apr 30 · 12:00 PM CDT

CISA and Partners Publish Zero Trust Guidance For OT Security

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, 30 Apr 2026 19:25:00 +0530

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

8.1/10 · Worth your time

The Hacker Newsgeneral

Summary
The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a

Open article ↗

Thu, Apr 30 · 11:00 AM CDT

Spain's parliament will act against massive IP blockages by LaLiga

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Thu, Apr 30 · 12:00 PM CDT

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

8.0/10 · Worth your time

Infosecurity Magazinesupply-chainai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Nothing surfaced yet.

NVD vulnerabilities

Thu, Feb 05 · 06:16 PM CST

CVE-2025-68121

10.0/10 · Must read/watch

NVDvuln

Summary
During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Con

CVECVE-2025-68121

SeverityCRITICAL

TypeUPDATED

PublishedThu, Feb 05 · 06:16 PM CST

ModifiedWed, Apr 29 · 02:16 PM CDT

Open article ↗

Mon, Mar 02 · 04:15 AM CST

CVE-2020-9546

9.8/10 · Must read/watch

NVDvuln

Summary
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config).

CVECVE-2020-9546

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 02 · 04:15 AM CST

ModifiedWed, Apr 29 · 08:24 PM CDT

Open article ↗

Wed, May 21 · 07:16 AM CDT

CVE-2025-4524

9.8/10 · Must read/watch

NVDvuln

Summary
The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the e

CVECVE-2025-4524

SeverityCRITICAL

TypeUPDATED

PublishedWed, May 21 · 07:16 AM CDT

ModifiedWed, Apr 29 · 08:16 PM CDT

Open article ↗

Mon, Mar 23 · 01:16 PM CDT

CVE-2026-31848

9.8/10 · Must read/watch

NVDvuln

Summary
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 uses the ecos_pw cookie for authentication, which contains Base64-encoded credential data combined with a static suffix. Because the encoding is reversible and lacks integrity protection, an attacker can reconstruct or forge a valid cookie value without p

CVECVE-2026-31848

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 23 · 01:16 PM CDT

ModifiedWed, Apr 29 · 05:45 PM CDT

Open article ↗

Mon, Mar 23 · 01:16 PM CDT

CVE-2026-31851

9.8/10 · Must read/watch

NVDvuln

Summary
Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 does not implement rate limiting or account lockout mechanisms on authentication interfaces. An attacker can perform unlimited authentication attempts against endpoints that rely on credential validation, enabling brute-force attacks to guess administrati

CVECVE-2026-31851

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 23 · 01:16 PM CDT

ModifiedWed, Apr 29 · 05:37 PM CDT

Open article ↗

Mon, Apr 06 · 08:16 PM CDT

CVE-2026-35022

9.8/10 · Must read/watch

NVDvuln

Summary
Anthropic Claude Code CLI and Claude Agent SDK contain an OS command injection vulnerability in authentication helper execution where helper configuration values are executed using shell=true without input validation. Attackers who can influence authentication settings can inject shell metacharacters through parameters

CVECVE-2026-35022

SeverityCRITICAL

TypeUPDATED

PublishedMon, Apr 06 · 08:16 PM CDT

ModifiedWed, Apr 29 · 07:00 PM CDT

Open article ↗

Thu, Mar 19 · 06:16 PM CDT

CVE-2026-3548

9.8/10 · Must read/watch

NVDvuln

Summary
Two buffer overflow vulnerabilities existed in the wolfSSL CRL parser when parsing CRL numbers: a heap-based buffer overflow could occur when improperly storing the CRL number as a hexadecimal string, and a stack-based overflow for sufficiently sized CRL numbers. With appropriately crafted CRLs, either of these out of

CVECVE-2026-3548

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 19 · 06:16 PM CDT

ModifiedWed, Apr 29 · 06:41 PM CDT

Open article ↗

Thu, Apr 09 · 10:16 PM CDT

CVE-2026-5264

9.8/10 · Must read/watch

NVDvuln

Summary
Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

CVECVE-2026-5264

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 09 · 10:16 PM CDT

ModifiedWed, Apr 29 · 05:18 PM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedWed, Apr 22 · 07:00 PM CDT

Open article ↗

Fri, Apr 10 · 12:16 AM CDT

CVE-2026-5393

9.1/10 · Must read/watch

NVDvuln

Summary
Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL.

CVECVE-2026-5393

SeverityCRITICAL

TypeUPDATED

PublishedFri, Apr 10 · 12:16 AM CDT

ModifiedWed, Apr 29 · 01:58 PM CDT

Open article ↗

Tue, Mar 31 · 05:15 AM CDT

CVE-2020-11112

8.8/10 · Worth your time

NVDvuln

Summary
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).

CVECVE-2020-11112

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 31 · 05:15 AM CDT

ModifiedWed, Apr 29 · 06:58 PM CDT

Open article ↗

Tue, Mar 31 · 05:15 AM CDT

CVE-2020-11113

8.8/10 · Worth your time

NVDvuln

Summary
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

CVECVE-2020-11113

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 31 · 05:15 AM CDT

ModifiedWed, Apr 29 · 08:05 PM CDT

Open article ↗

Mon, Mar 23 · 01:16 PM CDT

CVE-2026-31847

8.8/10 · Worth your time

NVDvuln

Summary
Hidden functionality in the /goform/setSysTools endpoint in Nexxt Solutions Nebula 300+ firmware through version 12.01.01.37 allows remote enablement of a Telnet service. By sending a crafted POST request with parameters such as telnetManageEn=true and telnetPwd, an authenticated attacker can activate a Telnet service

CVECVE-2026-31847

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 23 · 01:16 PM CDT

ModifiedWed, Apr 29 · 05:46 PM CDT

Open article ↗

Mon, Apr 06 · 05:17 PM CDT

CVE-2026-35029

8.8/10 · Worth your time

NVDvuln

Summary
LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI (or native) format. Prior to 1.83.0, the /config/update endpoint does not enforce admin role authorization. A user who is already authenticated into the platform can then use this endpoint to modify proxy configuration and environment variables, register

CVECVE-2026-35029

SeverityHIGH

TypeUPDATED

PublishedMon, Apr 06 · 05:17 PM CDT

ModifiedWed, Apr 29 · 08:16 PM CDT

Open article ↗

Mon, Mar 23 · 03:16 AM CDT

CVE-2026-4566

8.8/10 · Worth your time

NVDvuln

Summary
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was c

CVECVE-2026-4566

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 23 · 03:16 AM CDT

ModifiedWed, Apr 29 · 10:10 PM CDT

Open article ↗

Sun, Apr 05 · 08:16 AM CDT

CVE-2026-5550

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected.

CVECVE-2026-5550

SeverityHIGH

TypeUPDATED

PublishedSun, Apr 05 · 08:16 AM CDT

ModifiedWed, Apr 29 · 11:44 PM CDT

Open article ↗

Mon, Apr 06 · 10:16 PM CDT

CVE-2026-5685

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.

CVECVE-2026-5685

SeverityHIGH

TypeUPDATED

PublishedMon, Apr 06 · 10:16 PM CDT

ModifiedWed, Apr 29 · 10:37 PM CDT

Open article ↗

Mon, Apr 06 · 10:16 PM CDT

CVE-2026-5686

8.8/10 · Worth your time

NVDvuln

Summary
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may

CVECVE-2026-5686

SeverityHIGH

TypeUPDATED

PublishedMon, Apr 06 · 10:16 PM CDT

ModifiedWed, Apr 29 · 10:35 PM CDT

Open article ↗

Mon, Apr 06 · 10:16 PM CDT

CVE-2026-5687

8.8/10 · Worth your time

NVDvuln

Summary
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and cou

CVECVE-2026-5687

SeverityHIGH

TypeUPDATED

PublishedMon, Apr 06 · 10:16 PM CDT

ModifiedWed, Apr 29 · 10:34 PM CDT

Open article ↗

Wed, Apr 08 · 10:16 PM CDT

CVE-2026-5908

8.8/10 · Worth your time

NVDvuln

Summary
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

CVECVE-2026-5908

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 08 · 10:16 PM CDT

ModifiedWed, Apr 29 · 04:16 PM CDT

Open article ↗

Wed, Apr 08 · 10:16 PM CDT

CVE-2026-5909

8.8/10 · Worth your time

NVDvuln

Summary
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

CVECVE-2026-5909

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 08 · 10:16 PM CDT

ModifiedWed, Apr 29 · 04:16 PM CDT

Open article ↗

Wed, Apr 08 · 10:16 PM CDT

CVE-2026-5910

8.8/10 · Worth your time

NVDvuln

Summary
Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (Chromium security severity: Low)

CVECVE-2026-5910

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 08 · 10:16 PM CDT

ModifiedWed, Apr 29 · 04:16 PM CDT

Open article ↗

Wed, Apr 08 · 10:16 PM CDT

CVE-2026-5912

8.8/10 · Worth your time

NVDvuln

Summary
Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Low)

CVECVE-2026-5912

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 08 · 10:16 PM CDT

ModifiedWed, Apr 29 · 04:16 PM CDT

Open article ↗

Wed, Apr 08 · 10:16 PM CDT

CVE-2026-5914

8.8/10 · Worth your time

NVDvuln

Summary
Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. (Chromium security severity: Low)

CVECVE-2026-5914

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 08 · 10:16 PM CDT

ModifiedWed, Apr 29 · 04:16 PM CDT

Open article ↗

Thu, Apr 09 · 11:17 PM CDT

CVE-2026-5988

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of the argument mit_ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

CVECVE-2026-5988

SeverityHIGH

TypeUPDATED

PublishedThu, Apr 09 · 11:17 PM CDT

ModifiedWed, Apr 29 · 08:04 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.