Archive snapshot

Mon, May 04 · 12:00 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Mon, May 04 · 12:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

2

NVD vulnerabilities

25

Top stories

Mon, 04 May 2026 19:53:00 +0530

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

9.8/10 · Must read/watch

The Hacker Newsvulnsupply-chainai

Summary
This week, the shadows moved faster than the patches. While most teams were still triaging last month’s alerts, attackers had already turned control panels into kill switches, kernels into open doors, and open-source pipelines into silent delivery systems. The

Open article ↗

Mon, 04 May 2026 17:27:00 +0530

Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia

9.8/10 · Must read/watch

The Hacker Newsmalwareai

Summary
The China-based cybercrime group known as Silver Fox has been linked to a new campaign targeting organizations in Russia and India with a new malware called ABCDoor. The activity involved using phishing emails that mimic correspondence from the Income Tax Depa

Open article ↗

Mon, 04 May 2026 17:28:00 +0530

2026: The Year of AI-Assisted Attacks

8.6/10 · Worth your time

The Hacker Newsaiidentity

Summary
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When as

Open article ↗

Mon, May 04 · 11:00 AM CDT

GitHub Is Down

8.4/10 · Worth your time

Hacker Newssupply-chain

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Mon, May 04 · 12:00 PM CDT

Anthropic Rolls Out Claude Security for AI Vulnerability Scanning

8.0/10 · Worth your time

Infosecurity Magazinevulnai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Mon, May 04 · 12:00 PM CDT

Two American Cybersecurity Workers Jailed for BlackCat Ransomware Attacks

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, May 04 · 12:00 PM CDT

Nine-Year-Old Zero-Day Flaw in Linux Kernel Discovered by AI-Equipped Security Researcher

8.0/10 · Worth your time

Infosecurity Magazinevulnai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, May 04 · 12:00 PM CDT

Malicious npm Dependency Linked to AI Assisted Commit Targets Crypto Wallets

8.0/10 · Worth your time

Infosecurity Magazinesupply-chainai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, May 04 · 12:00 PM CDT

Researchers Track 2.9 Billion Compromised Credentials

7.7/10 · Worth your time

Infosecurity Magazineidentity

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Mon, May 04 · 12:00 PM CDT

Cursor Extension Flaw Exposes Developer API Keys

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Mon, May 04 · 07:53 AM CDT

One ChatGPT connector. One email. Full AI agent hijack. #BugBounty #PromptInjection #ai #hacking

8.8/10 · Worth your time

YouTube / NahamSecai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

Mon, May 04 · 07:54 AM CDT

Stop Using AI Connectors Until You Watch This

8.5/10 · Worth your time

YouTube / NahamSecai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Mon, May 04 · 01:16 AM CDT

CVE-2026-42369

10.0/10 · Must read/watch

NVDvuln

Summary
GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access to the management and mo

CVECVE-2026-42369

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-42364

9.9/10 · Must read/watch

NVDvuln

Summary
An os command injection vulnerability exists in the DdnsSetting.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted DDNS configuration can lead to arbitrary command execution. An attacker can modify a configuration value to trigger this vulnerability.

CVECVE-2026-42364

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-42368

9.9/10 · Must read/watch

NVDvuln

Summary
A privilege escalation vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted HTTP request can lead to execute priviledged operation. An attacker can visit a webpage to trigger this vulnerability.

CVECVE-2026-42368

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 09:15 AM CDT

CVE-2025-14320

9.8/10 · Must read/watch

NVDvuln

Summary
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Tegsoft Management and Information Services Trade Limited Company Online Support Application allows Reflected XSS. This issue affects Online Support Application: from V3 through 31122025.

CVECVE-2025-14320

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 09:15 AM CDT

ModifiedMon, May 04 · 09:15 AM CDT

Open article ↗

Fri, Feb 13 · 02:16 PM CST

CVE-2026-23112

9.8/10 · Must read/watch

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec nvmet_tcp_build_pdu_iovec() could walk past cmd->req.sg when a PDU length or offset exceeds sg_cnt and then use bogus sg->length/offset values, leading to _copy_to_iter() GPF/KASAN. Guard sg_idx

CVECVE-2026-23112

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 13 · 02:16 PM CST

ModifiedMon, May 04 · 09:16 AM CDT

Open article ↗

Thu, Apr 23 · 04:16 PM CDT

CVE-2026-39087

9.8/10 · Must read/watch

NVDvuln

Summary
ntfy before 2.22.0 allows SSRF because of an unanchored regular expression.

CVECVE-2026-39087

SeverityCRITICAL

TypeUPDATED

PublishedThu, Apr 23 · 04:16 PM CDT

ModifiedMon, May 04 · 06:16 AM CDT

Open article ↗

Mon, May 04 · 02:15 AM CDT

CVE-2026-7719

9.8/10 · Must read/watch

NVDvuln

Summary
A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in buffer overflow. The attack may be launched remotely. The exploit has b

CVECVE-2026-7719

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 02:15 AM CDT

ModifiedMon, May 04 · 02:15 AM CDT

Open article ↗

Mon, May 04 · 09:16 AM CDT

CVE-2026-7747

9.8/10 · Must read/watch

NVDvuln

Summary
A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The e

CVECVE-2026-7747

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 09:16 AM CDT

ModifiedMon, May 04 · 09:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-7161

9.3/10 · Must read/watch

NVDvuln

Summary
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with various Geovision devices on

CVECVE-2026-7161

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Tue, Sep 09 · 02:15 PM CDT

CVE-2025-54236

9.1/10 · Must read/watch

NVDvuln

Summary
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue doe

CVECVE-2025-54236

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 02:15 PM CDT

ModifiedWed, Apr 22 · 07:00 PM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-42370

9.0/10 · Must read/watch

NVDvuln

Summary
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability.

CVECVE-2026-42370

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-7372

9.0/10 · Must read/watch

NVDvuln

Summary
A stack overflow vulnerability exists in the WebCam Server Login functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted HTTP request can lead to an arbitrary code execution. An attacker can make an unauthenticated HTTP request to trigger this vulnerability. #### Stack-overflow via unconstrained sscanf The ca

CVECVE-2026-7372

SeverityCRITICAL

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-7717

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched remotely. The exploit ha

CVECVE-2026-7717

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 10:16 AM CDT

CVE-2026-7748

8.8/10 · Worth your time

NVDvuln

Summary
A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched remotely. The exploit h

CVECVE-2026-7748

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 10:16 AM CDT

ModifiedMon, May 04 · 10:16 AM CDT

Open article ↗

Mon, May 04 · 10:16 AM CDT

CVE-2026-7749

8.8/10 · Worth your time

NVDvuln

Summary
A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The exploit has been discl

CVECVE-2026-7749

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 10:16 AM CDT

ModifiedMon, May 04 · 10:16 AM CDT

Open article ↗

Mon, May 04 · 10:16 AM CDT

CVE-2026-7750

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument mac_address results in buffer overflow. The attack may be launched remotely. The exploit is

CVECVE-2026-7750

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 10:16 AM CDT

ModifiedMon, May 04 · 10:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-42365

8.6/10 · Worth your time

NVDvuln

Summary
A guessable session cookie vulnerability exists in the Web Interface functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted series of HTTP requests can lead to an authentication bypas. An attacker can bruteforce session cookies to trigger this vulnerability.

CVECVE-2026-42365

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Wed, Apr 22 · 09:16 AM CDT

CVE-2026-31431

7.8/10 · Worth your time

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different ma

CVECVE-2026-31431

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 22 · 09:16 AM CDT

ModifiedMon, May 04 · 05:16 AM CDT

Open article ↗

Thu, Apr 30 · 11:16 AM CDT

CVE-2026-31786

7.8/10 · Worth your time

NVDvuln

Summary
In the Linux kernel, the following vulnerability has been resolved: Buffer overflow in drivers/xen/sys-hypervisor.c The build id returned by HYPERVISOR_xen_version(XENVER_build_id) is neither NUL terminated nor a string. The first causes a buffer overflow as sprintf in buildid_show will read and copy till it finds a NU

CVECVE-2026-31786

SeverityHIGH

TypeUPDATED

PublishedThu, Apr 30 · 11:16 AM CDT

ModifiedMon, May 04 · 09:16 AM CDT

Open article ↗

Thu, Apr 09 · 06:16 PM CDT

CVE-2026-1584

7.5/10 · Worth your time

NVDvuln

Summary
A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote

CVECVE-2026-1584

SeverityHIGH

TypeUPDATED

PublishedThu, Apr 09 · 06:16 PM CDT

ModifiedSun, May 03 · 02:16 PM CDT

Open article ↗

Thu, Apr 30 · 06:16 PM CDT

CVE-2026-33845

7.5/10 · Worth your time

NVDvuln

Summary
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

CVECVE-2026-33845

SeverityHIGH

TypeUPDATED

PublishedThu, Apr 30 · 06:16 PM CDT

ModifiedSun, May 03 · 08:16 PM CDT

Open article ↗

Mon, May 04 · 10:15 AM CDT

CVE-2026-33846

7.5/10 · Worth your time

NVDvuln

Summary
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fra

CVECVE-2026-33846

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 10:15 AM CDT

ModifiedMon, May 04 · 10:15 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-42366

7.4/10 · Worth your time

NVDvuln

Summary
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability.

CVECVE-2026-42366

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Mon, May 04 · 01:16 AM CDT

CVE-2026-7371

7.4/10 · Worth your time

NVDvuln

Summary
Multiple reflected cross-site scripting (xss) vulnerabilities exist in the Web Interface / ssi.cgi functionality of GeoVision LPC2011/LPC2211 1.10. A specially crafted malicious url can lead to an arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability. Reflected XXS via

CVECVE-2026-7371

SeverityHIGH

TypeNEW

PublishedMon, May 04 · 01:16 AM CDT

ModifiedMon, May 04 · 01:16 AM CDT

Open article ↗

Sun, May 03 · 12:15 PM CDT

CVE-2026-7694

7.3/10 · Worth your time

NVDvuln

Summary
A flaw has been found in Acrel Electrical ECEMS Enterprise Microgrid Energy Efficiency Management System 1.3.0. The impacted element is an unknown function of the file /SubstationWEBV2/main/elecMaxMinAvgValue. Executing a manipulation of the argument fCircuitids can lead to sql injection. The attack can be launched rem

CVECVE-2026-7694

SeverityHIGH

TypeNEW

PublishedSun, May 03 · 12:15 PM CDT

ModifiedSun, May 03 · 12:15 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.