Archive snapshot

Thu, May 28 · 06:01 PM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Thu, May 28 · 06:00 PM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

1

NVD vulnerabilities

25

Top stories

Thu, May 28 · 05:00 PM CDT

GitHub bans security researcher who posted zero-day Windows exploits

9.8/10 · Must read/watch

Hacker Newsvulnsupply-chain

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Thu, 28 May 2026 22:54:44 +0530

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

9.2/10 · Must read/watch

The Hacker Newsvulnaiidentity

Summary
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The security flaw, per Rapid7, is rated 9.4 on the CVSS scoring s

Open article ↗

Thu, May 28 · 02:00 PM CDT

Anthropic raises $65B in Series H funding at $965B post-money valuation

8.9/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 4 hours ago.

Open article ↗

Thu, May 28 · 03:00 PM CDT

Various LLM Smells

8.2/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 3 hours ago.

Open article ↗

Thu, May 28 · 06:00 PM CDT

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

8.0/10 · Worth your time

Infosecurity Magazineidentity

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Worth skimming

Thu, May 28 · 12:00 PM CDT

Show HN: Ktx – Open-source executable context layer for data agents

8.0/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 6 hours ago.

Open article ↗

Thu, May 28 · 06:00 PM CDT

GCHQ Chief Urges Action as AI Reshapes Cyber Threats

7.8/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, May 28 · 06:00 PM CDT

Attackers Move Past Typosquatting to Realistic Package Impersonation

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, May 28 · 06:00 PM CDT

Microsoft Condemns "Uncoordinated" Zero Day Disclosures

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Thu, May 28 · 06:00 PM CDT

New Threat Actor Jinx-0164 Targets Crypto Developers on macOS

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Thu, May 28 · 01:52 PM CDT

Payload Podcast 007 with Andy Piazza (klrgrz)

7.4/10 · Worth your time

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Fri, May 22 · 11:16 PM CDT

CVE-2026-23652

10.0/10 · Must read/watch

NVDvuln

Summary
Improper neutralization of special elements used in a command ('command injection') in Microsoft Power Pages allows an unauthorized attacker to execute code over a network.

CVECVE-2026-23652

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 22 · 11:16 PM CDT

ModifiedWed, May 27 · 05:01 PM CDT

Open article ↗

Fri, May 22 · 11:16 PM CDT

CVE-2026-40412

10.0/10 · Must read/watch

NVDvuln

Summary
Unrestricted upload of file with dangerous type in Azure Orbital Spatio allows an unauthorized attacker to execute code over a network.

CVECVE-2026-40412

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 22 · 11:16 PM CDT

ModifiedWed, May 27 · 04:37 PM CDT

Open article ↗

Fri, May 22 · 11:16 PM CDT

CVE-2026-40411

9.9/10 · Must read/watch

NVDvuln

Summary
Improper input validation in Azure Virtual Network Gateway allows an authorized attacker to execute code over a network.

CVECVE-2026-40411

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 22 · 11:16 PM CDT

ModifiedWed, May 27 · 04:47 PM CDT

Open article ↗

Mon, Nov 09 · 05:30 PM CST

CVE-2009-3555

9.8/10 · Must read/watch

NVDvuln

Summary
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and o

CVECVE-2009-3555

SeverityCRITICAL

TypeUPDATED

PublishedMon, Nov 09 · 05:30 PM CST

ModifiedWed, May 27 · 05:16 PM CDT

Open article ↗

Thu, Jul 02 · 09:59 PM CDT

CVE-2015-0192

9.8/10 · Must read/watch

NVDvuln

Summary
Unspecified vulnerability in IBM Java 8 before SR1, 7 R1 before SR2 FP11, 7 before SR9, 6 R1 before SR8 FP4, 6 before SR16 FP4, and 5.0 before SR16 FP10 allows remote attackers to gain privileges via unknown vectors related to the Java Virtual Machine.

CVECVE-2015-0192

SeverityCRITICAL

TypeUPDATED

PublishedThu, Jul 02 · 09:59 PM CDT

ModifiedWed, May 27 · 05:16 PM CDT

Open article ↗

Sun, May 17 · 01:16 PM CDT

CVE-2018-25332

9.8/10 · Must read/watch

NVDvuln

Summary
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR plugin via the git-lfs end

CVECVE-2018-25332

SeverityCRITICAL

TypeUPDATED

PublishedSun, May 17 · 01:16 PM CDT

ModifiedWed, May 27 · 08:44 PM CDT

Open article ↗

Tue, Jan 18 · 04:15 PM CST

CVE-2022-23305

9.8/10 · Must read/watch

NVDvuln

Summary
By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. The message converter, %m, is likely to always be included. This allows attackers to manipulate the SQL by entering crafted strings into input fields or hea

CVECVE-2022-23305

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jan 18 · 04:15 PM CST

ModifiedWed, May 27 · 02:16 PM CDT

Open article ↗

Thu, May 14 · 07:16 PM CDT

CVE-2026-41315

9.8/10 · Must read/watch

NVDvuln

Summary
mdserver-web is a simple Linux panel. From 0.18.0 to 0.18.4, mdserver-web has a front-end unauthorized remote command execution vulnerability. Due to the lack of authentication on the /modify_crond and /start_task interfaces, it is possible to modify the default built-in scheduled tasks and start them, achieving RCE.

CVECVE-2026-41315

SeverityCRITICAL

TypeUPDATED

PublishedThu, May 14 · 07:16 PM CDT

ModifiedWed, May 27 · 03:01 PM CDT

Open article ↗

Mon, May 04 · 06:16 PM CDT

CVE-2026-42796

9.8/10 · Must read/watch

NVDvuln

Summary
Arelle before 2.39.10 contains an unauthenticated remote code execution vulnerability in the /rest/configure REST endpoint that accepts a plugins query parameter and forwards it to the plugin manager without authentication or authorization. Attackers can supply a URL to a malicious Python file through the plugins param

CVECVE-2026-42796

SeverityCRITICAL

TypeUPDATED

PublishedMon, May 04 · 06:16 PM CDT

ModifiedWed, May 27 · 06:54 PM CDT

Open article ↗

Tue, May 12 · 06:17 PM CDT

CVE-2026-44277

9.8/10 · Must read/watch

NVDvuln

Summary
A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via crafted requests.

CVECVE-2026-44277

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 12 · 06:17 PM CDT

ModifiedThu, May 28 · 10:16 AM CDT

Open article ↗

Fri, May 15 · 09:16 AM CDT

CVE-2026-8398

9.8/10 · Must read/watch

NVDvuln

Summary
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft)

CVECVE-2026-8398

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 15 · 09:16 AM CDT

ModifiedWed, May 27 · 07:16 PM CDT

Open article ↗

Tue, May 19 · 11:16 PM CDT

CVE-2026-8495

9.8/10 · Must read/watch

NVDvuln

Summary
Missing Authorization vulnerability in Drupal Date iCal allows Forceful Browsing. This issue affects Date iCal: from 0.0.0 before 4.0.15.

CVECVE-2026-8495

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 19 · 11:16 PM CDT

ModifiedWed, May 27 · 03:14 PM CDT

Open article ↗

Fri, May 22 · 04:16 PM CDT

CVE-2026-39821

9.6/10 · Must read/watch

NVDvuln

Summary
The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode("xn--example-.com") incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna package. For example, a

CVECVE-2026-39821

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 22 · 04:16 PM CDT

ModifiedWed, May 27 · 02:16 PM CDT

Open article ↗

Tue, May 12 · 01:16 AM CDT

CVE-2026-45321

9.6/10 · Must read/watch

NVDvuln

Summary
On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 @tanstack/* packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for TanStack/router, but the publish workflow itself was not modified. The

CVECVE-2026-45321

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 12 · 01:16 AM CDT

ModifiedWed, May 27 · 08:18 PM CDT

Open article ↗

Fri, May 22 · 11:16 PM CDT

CVE-2026-33843

9.1/10 · Must read/watch

NVDvuln

Summary
Authentication bypass using an alternate path or channel in Microsoft Azure Active Directory B2C allows an unauthorized attacker to elevate privileges over a network.

CVECVE-2026-33843

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 22 · 11:16 PM CDT

ModifiedWed, May 27 · 04:50 PM CDT

Open article ↗

Wed, Jul 29 · 05:30 PM CDT

CVE-2009-0901

8.8/10 · Worth your time

NVDvuln

Summary
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninit

CVECVE-2009-0901

SeverityHIGH

TypeUPDATED

PublishedWed, Jul 29 · 05:30 PM CDT

ModifiedWed, May 27 · 05:16 PM CDT

Open article ↗

Wed, Jul 29 · 05:30 PM CDT

CVE-2009-2493

8.8/10 · Worth your time

NVDvuln

Summary
The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoa

CVECVE-2009-2493

SeverityHIGH

TypeUPDATED

PublishedWed, Jul 29 · 05:30 PM CDT

ModifiedWed, May 27 · 05:16 PM CDT

Open article ↗

Tue, Mar 10 · 10:16 PM CDT

CVE-2026-28806

8.8/10 · Worth your time

NVDvuln

Summary
Improper Authorization vulnerability in nerves-hub nerves_hub_web allows cross-organization device control via device bulk actions and device update API. Missing authorization checks in the device bulk actions and device update API endpoints allow authenticated users to target devices belonging to other organizations a

CVECVE-2026-28806

SeverityHIGH

TypeUPDATED

PublishedTue, Mar 10 · 10:16 PM CDT

ModifiedWed, May 27 · 01:47 PM CDT

Open article ↗

Fri, May 22 · 11:16 PM CDT

CVE-2026-35430

8.8/10 · Worth your time

NVDvuln

Summary
Authorization bypass through user-controlled key in Azure Privileged Identity Management (PIM) allows an authorized attacker to elevate privileges over a network.

CVECVE-2026-35430

SeverityHIGH

TypeUPDATED

PublishedFri, May 22 · 11:16 PM CDT

ModifiedWed, May 27 · 04:48 PM CDT

Open article ↗

Mon, May 11 · 05:16 PM CDT

CVE-2026-42843

8.8/10 · Worth your time

NVDvuln

Summary
Grav API Plugin is a RESTful API for Grav CMS that provides full headless access to your site's content, media, configuration, users, and system management. Prior to 1.0.0-beta.15, an insecure direct object reference and logic flaw in the Grav API plugin (UsersController::update) allows any authenticated user with basi

CVECVE-2026-42843

SeverityHIGH

TypeUPDATED

PublishedMon, May 11 · 05:16 PM CDT

ModifiedWed, May 27 · 07:07 PM CDT

Open article ↗

Wed, Apr 15 · 08:16 PM CDT

CVE-2026-6303

8.8/10 · Worth your time

NVDvuln

Summary
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVECVE-2026-6303

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 15 · 08:16 PM CDT

ModifiedWed, May 27 · 06:16 PM CDT

Open article ↗

Wed, Apr 15 · 08:16 PM CDT

CVE-2026-6305

8.8/10 · Worth your time

NVDvuln

Summary
Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

CVECVE-2026-6305

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 15 · 08:16 PM CDT

ModifiedWed, May 27 · 06:16 PM CDT

Open article ↗

Wed, Apr 15 · 08:16 PM CDT

CVE-2026-6316

8.8/10 · Worth your time

NVDvuln

Summary
Use after free in Forms in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

CVECVE-2026-6316

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 15 · 08:16 PM CDT

ModifiedWed, May 27 · 06:16 PM CDT

Open article ↗

Wed, Apr 15 · 08:16 PM CDT

CVE-2026-6318

8.8/10 · Worth your time

NVDvuln

Summary
Use after free in Codecs in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

CVECVE-2026-6318

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 15 · 08:16 PM CDT

ModifiedWed, May 27 · 06:16 PM CDT

Open article ↗

Wed, Apr 15 · 08:16 PM CDT

CVE-2026-6358

8.8/10 · Worth your time

NVDvuln

Summary
Use after free in XR in Google Chrome on Android prior to 147.0.7727.101 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Critical)

CVECVE-2026-6358

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 15 · 08:16 PM CDT

ModifiedWed, May 27 · 06:16 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.