Archive snapshot

Tue, May 19 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Tue, May 19 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

3

NVD vulnerabilities

25

Top stories

Tue, 19 May 2026 10:58:06 +0530

Popular GitHub Action Tags Redirected to Imposter Commit to Steal CI/CD Credentials

9.7/10 · Must read/watch

The Hacker Newssupply-chainaiidentity

Summary
In yet another software supply chain attack, threat actors have compromised the popular GitHub Actions workflow, actions-cool/issues-helper, to run malicious code that harvests sensitive credentials and exfiltrates them to an attacker-controlled server. "Every

Open article ↗

Tue, May 19 · 01:00 AM CDT

Mini Shai-Hulud Strikes Again: 314 npm Packages Compromised

9.2/10 · Must read/watch

Hacker Newssupply-chainai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Tue, 19 May 2026 13:19:23 +0530

Compromised Nx Console 18.95.0 Targeted VS Code Developers with Credential Stealer

8.9/10 · Worth your time

The Hacker Newsidentity

Summary
Cybersecurity researchers have flagged a compromised version of the Nx Console extension that was published to the Microsoft Visual Studio Code (VS Code) Marketplace. The extension in question is rwl.angular-console (version 18.95.0), a popular user interface

Open article ↗

Tue, 19 May 2026 14:53:15 +0530

SEPPMail Secure E-Mail Gateway Vulnerabilities Enable RCE and Mail Traffic Access

8.6/10 · Worth your time

The Hacker Newsvulnai

Summary
Critical security vulnerabilities have been disclosed in SEPPMail Secure E-Mail Gateway, an enterprise-grade email security solution, that could be exploited to achieve remote code execution and enable an attacker to read arbitrary mails from the virtual appli

Open article ↗

Tue, May 19 · 06:00 AM CDT

Mustang Panda Linked to Updated FDMTP Backdoor in Asia-Pacific Espionage Campaign

8.2/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Tue, May 19 · 06:00 AM CDT

Grafana Labs Confirms Hackers Stole Source Code

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, May 19 · 06:00 AM CDT

Hackers Bypass Security Tools to Target Users Directly

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, May 19 · 06:00 AM CDT

China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, May 19 · 06:00 AM CDT

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

7.8/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, May 19 · 06:00 AM CDT

Microsoft Reports Severe Zero-Day Flaw in On-Prem Exchange Servers

7.8/10 · Worth your time

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Mon, May 18 · 07:49 AM CDT

This GitHub README Hijacks Your AI and Spreads Like a Virus

8.7/10 · Worth your time

YouTube / NahamSecsupply-chainai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

Mon, May 18 · 08:01 AM CDT

I Built an AI Cybersecurity Research Factory (for CTFs & Vulnerabilities)

8.1/10 · Worth your time

YouTube / John Hammondai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

Mon, May 18 · 07:44 AM CDT

New video: hacking AI coding assistants and IDEs. #bugbounty #ai

7.9/10 · Worth your time

YouTube / NahamSecai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Thu, Mar 02 · 12:15 PM CST

CVE-2021-3854

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Glox Technology Useroam Hotspot allows SQL Injection. This issue affects Useroam Hotspot: before 5.1.0.15.

CVECVE-2021-3854

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 02 · 12:15 PM CST

ModifiedMon, May 18 · 12:16 PM CDT

Open article ↗

Fri, Feb 24 · 12:15 PM CST

CVE-2021-4105

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727.

CVECVE-2021-4105

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 24 · 12:15 PM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Fri, Feb 18 · 02:15 PM CST

CVE-2022-0664

9.8/10 · Must read/watch

NVDvuln

Summary
Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1.

CVECVE-2022-0664

SeverityCRITICAL

TypeUPDATED

PublishedFri, Feb 18 · 02:15 PM CST

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45088

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows PHP Local File Inclusion. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45088

SeverityCRITICAL

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-4557

9.8/10 · Must read/watch

NVDvuln

Summary
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-4557

SeverityCRITICAL

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Tue, Apr 28 · 04:16 PM CDT

CVE-2025-60889

9.8/10 · Must read/watch

NVDvuln

Summary
Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.

CVECVE-2025-60889

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 28 · 04:16 PM CDT

ModifiedMon, May 18 · 06:23 PM CDT

Open article ↗

Thu, Mar 05 · 07:16 AM CST

CVE-2026-2743

9.8/10 · Must read/watch

NVDvuln

Summary
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer (LFT). This issue affects SeppMail: 15.0.2.1 and before

CVECVE-2026-2743

SeverityCRITICAL

TypeUPDATED

PublishedThu, Mar 05 · 07:16 AM CST

ModifiedMon, May 18 · 05:16 PM CDT

Open article ↗

Tue, Apr 21 · 09:16 PM CDT

CVE-2026-33518

9.8/10 · Must read/watch

NVDvuln

Summary
An incorrect privilege assignment vulnerability exists in Esri Portal for ArcGIS 11.5 in Windows and Linux that allows highly privileged users to create developer credentials that may grant more privileges than expected.

CVECVE-2026-33518

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 21 · 09:16 PM CDT

ModifiedMon, May 18 · 06:20 PM CDT

Open article ↗

Tue, Apr 21 · 09:16 PM CDT

CVE-2026-33519

9.8/10 · Must read/watch

NVDvuln

Summary
An incorrect authorization vulnerability exists in Esri Portal for ArcGIS 11.4, 11.5 and 12.0 on Windows, Linux and Kubernetes that did not correctly check permissions assigned to developer credentials.

CVECVE-2026-33519

SeverityCRITICAL

TypeUPDATED

PublishedTue, Apr 21 · 09:16 PM CDT

ModifiedMon, May 18 · 06:19 PM CDT

Open article ↗

Fri, May 01 · 05:16 PM CDT

CVE-2026-37531

9.8/10 · Must read/watch

NVDvuln

Summary
AGL app-framework-main thru 17.1.12 contains a Zip Slip path traversal vulnerability (CWE-22) combined with a TOCTOU race condition (CWE-367) in the widget installation flow. The is_valid_filename function in wgtpkg-zip.c validates ZIP entry names but does not check for dot notation directory traversal sequences it onl

CVECVE-2026-37531

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 01 · 05:16 PM CDT

ModifiedMon, May 18 · 05:12 PM CDT

Open article ↗

Wed, Apr 29 · 12:16 PM CDT

CVE-2026-42248

9.8/10 · Must read/watch

NVDvuln

Summary
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation of the update verification routine unconditionally returns success so no digital signature or trust validation is performed before staging or executing update p

CVECVE-2026-42248

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 29 · 12:16 PM CDT

ModifiedMon, May 18 · 06:22 PM CDT

Open article ↗

Wed, Apr 29 · 12:16 PM CDT

CVE-2026-42249

9.8/10 · Must read/watch

NVDvuln

Summary
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP response headers. When downloading updates, the application constructs local file paths using values derived from HTTP headers without validation. These values are passed direct

CVECVE-2026-42249

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 29 · 12:16 PM CDT

ModifiedMon, May 18 · 06:23 PM CDT

Open article ↗

Sat, May 09 · 08:16 PM CDT

CVE-2026-42257

9.8/10 · Must read/watch

NVDvuln

Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, several Net::IMAP commands accept a raw string argument that is sent to the server without validation or escaping. If this string is derived from user-controlled input, it may contain

CVECVE-2026-42257

SeverityCRITICAL

TypeUPDATED

PublishedSat, May 09 · 08:16 PM CDT

ModifiedMon, May 18 · 05:59 PM CDT

Open article ↗

Sat, May 09 · 08:16 PM CDT

CVE-2026-42258

9.8/10 · Must read/watch

NVDvuln

Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched in versions 0.4.24, 0

CVECVE-2026-42258

SeverityCRITICAL

TypeUPDATED

PublishedSat, May 09 · 08:16 PM CDT

ModifiedMon, May 18 · 06:02 PM CDT

Open article ↗

Sat, Apr 25 · 06:16 AM CDT

CVE-2026-6951

9.8/10 · Must read/watch

NVDvuln

Summary
Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-3112221) that blocks the -c option but not the equivalent --config form. If untrusted input can reach the options argument passed t

CVECVE-2026-6951

SeverityCRITICAL

TypeUPDATED

PublishedSat, Apr 25 · 06:16 AM CDT

ModifiedMon, May 18 · 06:20 PM CDT

Open article ↗

Fri, May 08 · 11:16 PM CDT

CVE-2026-42354

9.1/10 · Must read/watch

NVDvuln

Summary
Sentry is an error tracking and performance monitoring tool. From version 21.12.0 to before version 26.4.1, a critical vulnerability was discovered in the SAML SSO implementation of Sentry. The vulnerability allows an attacker to take over any user account by using a malicious SAML Identity Provider and another organiz

CVECVE-2026-42354

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 08 · 11:16 PM CDT

ModifiedMon, May 18 · 02:43 PM CDT

Open article ↗

Fri, May 08 · 11:16 PM CDT

CVE-2026-42556

8.9/10 · Worth your time

NVDvuln

Summary
Postiz is an AI social media scheduling tool. From version 2.21.6 to before version 2.21.7, any authenticated user who can create a post can store arbitrary HTML in post content by tampering their own save request and send the public preview link /p/ ?share=true to another user. The preview page renders that stored HTM

CVECVE-2026-42556

SeverityHIGH

TypeUPDATED

PublishedFri, May 08 · 11:16 PM CDT

ModifiedMon, May 18 · 02:27 PM CDT

Open article ↗

Wed, Mar 01 · 08:15 AM CST

CVE-2021-3855

8.8/10 · Worth your time

NVDvuln

Summary
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Liman Central Management System Liman MYS (HTTP/Controllers, CronMail, Jobs modules) allows Command Injection. This issue affects Liman Central Management System: from 1.7.0 before 1.8.3-462.

CVECVE-2021-3855

SeverityHIGH

TypeUPDATED

PublishedWed, Mar 01 · 08:15 AM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Fri, Sep 09 · 08:15 PM CDT

CVE-2022-36110

8.8/10 · Worth your time

NVDvuln

Summary
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions via the API. This prob

CVECVE-2022-36110

SeverityHIGH

TypeUPDATED

PublishedFri, Sep 09 · 08:15 PM CDT

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45089

8.8/10 · Worth your time

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45089

SeverityHIGH

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Sun, Feb 12 · 04:15 AM CST

CVE-2022-45090

8.8/10 · Worth your time

NVDvuln

Summary
Improper Input Validation vulnerability in Group Arge Energy and Control Systems Smartpower Web allows SQL Injection. This issue affects Smartpower Web: before 23.01.01.

CVECVE-2022-45090

SeverityHIGH

TypeUPDATED

PublishedSun, Feb 12 · 04:15 AM CST

ModifiedMon, May 18 · 04:16 PM CDT

Open article ↗

Thu, Aug 24 · 11:15 PM CDT

CVE-2023-32079

8.8/10 · Worth your time

NVDvuln

Summary
Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run `docker pull gravitl/netm

CVECVE-2023-32079

SeverityHIGH

TypeUPDATED

PublishedThu, Aug 24 · 11:15 PM CDT

ModifiedMon, May 18 · 04:44 PM CDT

Open article ↗

Fri, May 08 · 10:16 PM CDT

CVE-2026-41486

8.8/10 · Worth your time

NVDvuln

Summary
Ray is an AI compute engine. From version 2.54.0 to before version 2.55.0, Ray Data registers custom Arrow extension types (ray.data.arrow_tensor, ray.data.arrow_tensor_v2, ray.data.arrow_variable_shaped_tensor) globally in PyArrow. When PyArrow reads a Parquet file containing one of these extension types, it calls __a

CVECVE-2026-41486

SeverityHIGH

TypeUPDATED

PublishedFri, May 08 · 10:16 PM CDT

ModifiedMon, May 18 · 06:30 PM CDT

Open article ↗

Thu, Jan 27 · 01:15 PM CST

CVE-2021-44793

8.6/10 · Worth your time

NVDvuln

Summary
Single Connect does not perform an authorization check when using the sc-reports-ui" module. A remote attacker could exploit this vulnerability to access the device configuration page and export the data to an external file. The exploitation of this vulnerability might allow a remote attacker to obtain sensitive inform

CVECVE-2021-44793

SeverityHIGH

TypeUPDATED

PublishedThu, Jan 27 · 01:15 PM CST

ModifiedMon, May 18 · 01:16 PM CDT

Open article ↗

Thu, Mar 26 · 09:17 PM CDT

CVE-2026-0966

8.2/10 · Worth your time

NVDvuln

Summary
A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited remotely by an attacker during GSSAPI (Generic Security Service Application Program Interface) authentication if the server's logging verbosity is set to `SSH_LOG_P

CVECVE-2026-0966

SeverityHIGH

TypeUPDATED

PublishedThu, Mar 26 · 09:17 PM CDT

ModifiedTue, May 19 · 10:16 AM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.