Archive snapshot

Fri, May 29 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Fri, May 29 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

1

NVD vulnerabilities

25

Top stories

Fri, May 29 · 06:00 AM CDT

AI-Generated npm Malware Leaks Its Own GitHub Token

9.8/10 · Must read/watch

Infosecurity Magazinemalwaresupply-chainai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, 29 May 2026 14:41:25 +0530

Malicious Sicoob NuGet Steals Banking Credentials as npm Packages Target Cloud Secrets

9.8/10 · Must read/watch

The Hacker Newssupply-chainidentity

Summary
Cybersecurity researchers have discovered a malicious NuGet package that masquerades as a C# software development kit for Sicoob, one of Brazil's largest cooperative financial systems, to siphon client IDs and PFX certificates. According to Socket, versions 2.

Open article ↗

Fri, May 29 · 06:00 AM CDT

Chinese Hackers Exploit Iran War to Target Maritime and Energy Companies

9.4/10 · Must read/watch

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, May 29 · 06:00 AM CDT

Infosecurity Europe: CyCOS Project Expands to Support UK SMEs as CIISec Takes Over

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, May 29 · 05:00 AM CDT

Real-time LLM Inference on Standard GPUs: 3k tokens/s per request

8.2/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 1 hour ago.

Open article ↗

Worth skimming

Fri, 29 May 2026 11:27:41 +0530

Kimsuky Deploys HTTPSpy, Expands Arsenal with HelloDoor and VS Code Tunnels

8.1/10 · Worth your time

The Hacker Newsai

Summary
The North Korean state-sponsored threat actor known as Kimsuky (aka Velvet Chollima) has been attributed to a fresh set of cyber attacks targeting South Korean military and corporate entities through March and April 2026. "Kimsuky employed a range of tailored

Open article ↗

Fri, May 29 · 03:00 AM CDT

Orchestrating AI code review at scale

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 3 hours ago.

Open article ↗

Fri, May 29 · 01:00 AM CDT

Volkswagen blocks Home Assistant by requiring client assertion

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Fri, May 29 · 04:00 AM CDT

Barthelme, the Houstonian

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 2 hours ago.

Open article ↗

Fri, May 29 · 01:00 AM CDT

Avoid Using "< [Cdata[ ]]>" in RSS

7.6/10 · Worth your time

Hacker Newsgeneral

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 5 hours ago.

Open article ↗

Videos worth watching

Fri, May 29 · 02:57 AM CDT

Payload Podcast 007 with Andy Piazza (klrgrz)

7.4/10 · Worth your time

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Mon, Jan 05 · 08:30 PM CST

CVE-2004-2761

9.8/10 · Must read/watch

NVDvuln

Summary
The MD5 Message-Digest Algorithm is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of MD5 in the signature algorithm of an X.509 certificate.

CVECVE-2004-2761

SeverityCRITICAL

TypeUPDATED

PublishedMon, Jan 05 · 08:30 PM CST

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Thu, Aug 05 · 01:22 PM CDT

CVE-2010-2965

9.8/10 · Must read/watch

NVDvuln

Summary
The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-ENBT series A with firmware 3.2.6 and 3.6.1 and other products, allows remote attackers to read or modify arbitrary memory locations, perform function calls, or manage tasks via requests to UDP port 1

CVECVE-2010-2965

SeverityCRITICAL

TypeUPDATED

PublishedThu, Aug 05 · 01:22 PM CDT

ModifiedThu, May 28 · 08:16 PM CDT

Open article ↗

Mon, Dec 06 · 10:30 PM CST

CVE-2010-4478

9.8/10 · Must read/watch

NVDvuln

Summary
OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a related issue to CVE-20

CVECVE-2010-4478

SeverityCRITICAL

TypeUPDATED

PublishedMon, Dec 06 · 10:30 PM CST

ModifiedThu, May 28 · 08:16 PM CDT

Open article ↗

Fri, Jun 30 · 03:29 AM CDT

CVE-2017-6034

9.8/10 · Must read/watch

NVDvuln

Summary
An Authentication Bypass by Capture-Replay issue was discovered in Schneider Electric Modicon Modbus Protocol. Sensitive information is transmitted in cleartext in the Modicon Modbus protocol, which may allow an attacker to replay the following commands: run, stop, upload, and download.

CVECVE-2017-6034

SeverityCRITICAL

TypeUPDATED

PublishedFri, Jun 30 · 03:29 AM CDT

ModifiedThu, May 28 · 08:16 PM CDT

Open article ↗

Wed, Apr 10 · 08:29 PM CDT

CVE-2019-11068

9.8/10 · Must read/watch

NVDvuln

Summary
libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL that is not actually invalid and is subsequently loaded.

CVECVE-2019-11068

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 10 · 08:29 PM CDT

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Fri, Dec 20 · 05:15 PM CST

CVE-2019-17571

9.8/10 · Must read/watch

NVDvuln

Summary
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17.

CVECVE-2019-17571

SeverityCRITICAL

TypeUPDATED

PublishedFri, Dec 20 · 05:15 PM CST

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Wed, Apr 22 · 07:15 PM CDT

CVE-2020-7489

9.8/10 · Must read/watch

NVDvuln

Summary
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability exists on EcoStruxure Machine Expert – Basic or SoMachine Basic programming software (versions in security notification). The result of this vulnerability, DLL substitution, could allow the transfe

CVECVE-2020-7489

SeverityCRITICAL

TypeUPDATED

PublishedWed, Apr 22 · 07:15 PM CDT

ModifiedThu, May 28 · 09:16 PM CDT

Open article ↗

Fri, Mar 17 · 04:15 AM CDT

CVE-2023-28531

9.8/10 · Must read/watch

NVDvuln

Summary
ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints. The earliest affected version is 8.9.

CVECVE-2023-28531

SeverityCRITICAL

TypeUPDATED

PublishedFri, Mar 17 · 04:15 AM CDT

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Tue, Nov 07 · 04:15 PM CST

CVE-2023-47359

9.8/10 · Must read/watch

NVDvuln

Summary
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

CVECVE-2023-47359

SeverityCRITICAL

TypeUPDATED

PublishedTue, Nov 07 · 04:15 PM CST

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Fri, Jan 16 · 03:15 AM CST

CVE-2025-62582

9.8/10 · Must read/watch

NVDvuln

Summary
Delta Electronics DIAView has multiple vulnerabilities.

CVECVE-2025-62582

SeverityCRITICAL

TypeUPDATED

PublishedFri, Jan 16 · 03:15 AM CST

ModifiedFri, May 29 · 04:17 AM CDT

Open article ↗

Tue, May 12 · 08:16 PM CDT

CVE-2026-45185

9.8/10 · Must read/watch

NVDvuln

Summary
Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An una

CVECVE-2026-45185

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 12 · 08:16 PM CDT

ModifiedThu, May 28 · 06:46 PM CDT

Open article ↗

Fri, May 15 · 07:17 PM CDT

CVE-2026-46364

9.8/10 · Must read/watch

NVDvuln

Summary
phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent headers into DELETE and INSERT queries. Unauthenticated attackers can exploit the public GET /api/captcha endpoint by craf

CVECVE-2026-46364

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 15 · 07:17 PM CDT

ModifiedThu, May 28 · 04:16 PM CDT

Open article ↗

Fri, May 15 · 09:16 AM CDT

CVE-2026-8398

9.8/10 · Must read/watch

NVDvuln

Summary
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft)

CVECVE-2026-8398

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 15 · 09:16 AM CDT

ModifiedThu, May 28 · 12:57 PM CDT

Open article ↗

Wed, Jan 01 · 05:00 AM CST

CVE-1999-0511

9.1/10 · Must read/watch

NVDvuln

Summary
IP forwarding is enabled on a machine which is not a router or firewall.

CVECVE-1999-0511

SeverityCRITICAL

TypeUPDATED

PublishedWed, Jan 01 · 05:00 AM CST

ModifiedThu, May 28 · 06:16 PM CDT

Open article ↗

Fri, May 15 · 07:17 PM CDT

CVE-2026-45010

9.1/10 · Must read/watch

NVDvuln

Summary
phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session binding or rate limiting. Unauthenticated attackers can brute-force any user's six-digit TOTP code by submitting POST request

CVECVE-2026-45010

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 15 · 07:17 PM CDT

ModifiedThu, May 28 · 04:16 PM CDT

Open article ↗

Mon, Nov 25 · 03:15 PM CST

CVE-2019-13721

8.8/10 · Worth your time

NVDvuln

Summary
Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVECVE-2019-13721

SeverityHIGH

TypeUPDATED

PublishedMon, Nov 25 · 03:15 PM CST

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Fri, Feb 04 · 11:15 PM CST

CVE-2020-7534

8.8/10 · Worth your time

NVDvuln

Summary
A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists on the web server used, that could cause a leak of sensitive data or unauthorized actions on the web server during the time the user is logged in. Affected Products: Modicon M340 CPUs: BMXP34 (All Versions), Modicon Quantum CPUs with integrated Ethernet

CVECVE-2020-7534

SeverityHIGH

TypeUPDATED

PublishedFri, Feb 04 · 11:15 PM CST

ModifiedThu, May 28 · 10:16 PM CDT

Open article ↗

Mon, May 04 · 02:16 PM CDT

CVE-2025-58074

8.8/10 · Worth your time

NVDvuln

Summary
A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges.

CVECVE-2025-58074

SeverityHIGH

TypeUPDATED

PublishedMon, May 04 · 02:16 PM CDT

ModifiedThu, May 28 · 05:16 PM CDT

Open article ↗

Wed, Apr 01 · 05:16 AM CDT

CVE-2026-5272

8.8/10 · Worth your time

NVDvuln

Summary
Heap buffer overflow in GPU in Google Chrome prior to 146.0.7680.178 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVECVE-2026-5272

SeverityHIGH

TypeUPDATED

PublishedWed, Apr 01 · 05:16 AM CDT

ModifiedThu, May 28 · 02:33 PM CDT

Open article ↗

Tue, Apr 28 · 01:19 PM CDT

CVE-2026-5781

8.8/10 · Worth your time

NVDvuln

Summary
An authorization vulnerability in MphRx's Minerva V3.6.0, specifically in the '/minerva/moUser/update' endpoint, could allow an authenticated user with user modification privileges to escalate their privileges by sending an HTTP request with a manipulated 'identifier' field. Successful exploitation of this vulnerabilit

CVECVE-2026-5781

SeverityHIGH

TypeUPDATED

PublishedTue, Apr 28 · 01:19 PM CDT

ModifiedThu, May 28 · 01:57 PM CDT

Open article ↗

Mon, Apr 27 · 09:16 AM CDT

CVE-2026-7101

8.8/10 · Worth your time

NVDvuln

Summary
A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

CVECVE-2026-7101

SeverityHIGH

TypeUPDATED

PublishedMon, Apr 27 · 09:16 AM CDT

ModifiedThu, May 28 · 01:57 PM CDT

Open article ↗

Tue, May 12 · 06:17 PM CDT

CVE-2026-35438

8.3/10 · Worth your time

NVDvuln

Summary
Missing authorization in Windows Admin Center allows an authorized attacker to elevate privileges over a network.

CVECVE-2026-35438

SeverityHIGH

TypeUPDATED

PublishedTue, May 12 · 06:17 PM CDT

ModifiedThu, May 28 · 08:39 PM CDT

Open article ↗

Wed, May 22 · 08:29 PM CDT

CVE-2019-6820

8.2/10 · Worth your time

NVDvuln

Summary
A CWE-306: Missing Authentication for Critical Function vulnerability exists which could cause a modification of device IP configuration (IP address, network mask and gateway IP address) when a specific Ethernet frame is received in all versions of: Modicon M100, Modicon M200, Modicon M221, ATV IMC drive controller, Mo

CVECVE-2019-6820

SeverityHIGH

TypeUPDATED

PublishedWed, May 22 · 08:29 PM CDT

ModifiedThu, May 28 · 08:16 PM CDT

Open article ↗

Mon, Jan 25 · 07:30 PM CST

CVE-2010-0386

8.1/10 · Worth your time

NVDvuln

Summary
The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing (XST) attack, a related issue to CVE-2004-2763 and CVE-2005-3398.

CVECVE-2010-0386

SeverityHIGH

TypeUPDATED

PublishedMon, Jan 25 · 07:30 PM CST

ModifiedThu, May 28 · 07:16 PM CDT

Open article ↗

Mon, May 11 · 02:16 PM CDT

CVE-2026-4802

8.0/10 · Worth your time

NVDvuln

Summary
A flaw was found in Cockpit. This vulnerability allows a remote attacker to achieve arbitrary command execution on the host by exploiting unsanitized user-controlled parameters within crafted links in the system logs user interface (UI). An attacker can inject shell metacharacters and command substitutions into these p

CVECVE-2026-4802

SeverityHIGH

TypeUPDATED

PublishedMon, May 11 · 02:16 PM CDT

ModifiedThu, May 28 · 04:16 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.