Archive snapshot

Tue, Jun 09 · 06:00 AM CDT

Archived briefing content rendered inside the ACSP site experience.

Back to archive

Archived briefing

Snapshot overview

Generated Tue, Jun 09 · 06:00 AM CDTWindow last 6 hours

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

2

NVD vulnerabilities

25

Top stories

Tue, Jun 09 · 06:00 AM CDT

Google Releases Patch for Chrome Vulnerability Exploited in the Wild

9.8/10 · Must read/watch

Infosecurity Magazinevuln

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, Jun 09 · 06:00 AM CDT

WhatsApp Discovers NSO Group-Linked Spearphishing Attempts

9.8/10 · Must read/watch

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, 09 Jun 2026 11:56:14 +0530

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

9.8/10 · Must read/watch

The Hacker Newsvulnaipolicyidentity

Summary
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity flaw impacting BerriAI LiteLLM to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2026

Open article ↗

Tue, Jun 09 · 06:00 AM CDT

Check Point Warns Critical Auth Bypass Bug Exploited in the Wild

9.4/10 · Must read/watch

Infosecurity Magazinevulnidentity

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, 09 Jun 2026 14:43:32 +0530

Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

8.9/10 · Worth your time

The Hacker Newssupply-chainaiidentity

Summary
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index (PyPI) registry, as the Mini Shai-Hulud-style attacks continue to be refined and spli

Open article ↗

Worth skimming

Tue, Jun 09 · 06:00 AM CDT

OpenAI Unveils ChatGPT Account Security Controls

8.2/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, Jun 09 · 06:00 AM CDT

Infosecurity Europe: Why JLR’s CISO Enforced In-Person Password Resets Following Cyber-Attack

8.2/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Tue, 09 Jun 2026 15:20:41 +0530

New FROST Attack Lets Websites Track What Sites and Apps You Open via SSD Timing

8.1/10 · Worth your time

The Hacker Newsgeneral

Summary
A malicious website can work out which sites you visit and which apps you open, using nothing but JavaScript and the timing of your SSD. The attack, called FROST, needs no native code, no extension, and no permission prompt. You open the page, leave the tab si

Open article ↗

Tue, Jun 09 · 03:00 AM CDT

Microsoft's open source tools were hacked to steal passwords of AI developers

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 3 hours ago.

Open article ↗

Tue, Jun 09 · 06:00 AM CDT

Infosecurity Europe: How DSIT Protects Thousands of UK Orgs from Cyber Vulnerabilities

7.7/10 · Worth your time

Infosecurity Magazinegeneral

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Mon, Jun 08 · 08:00 AM CDT

This Hacker Made $7,000 Hacking AI With One Email

7.9/10 · Worth your time

YouTube / NahamSecai

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

Mon, Jun 08 · 08:34 AM CDT

Content creations was both a blessing and a curse. #bugbounty

7.4/10 · Worth your time

YouTube / NahamSecgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

Mon, Mar 16 · 02:17 PM CDT

CVE-2016-20024

9.8/10 · Must read/watch

NVDvuln

Summary
ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with malicious binaries for privi

CVECVE-2016-20024

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedMon, Jun 08 · 04:16 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2016-20026

9.8/10 · Must read/watch

NVDvuln

Summary
ZKTeco ZKBioSecurity 3.0 contains hardcoded credentials in the bundled Apache Tomcat server that allow unauthenticated attackers to access the manager application. Attackers can authenticate with hardcoded credentials stored in tomcat-users.xml to upload malicious WAR archives containing JSP applications and execute ar

CVECVE-2016-20026

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedMon, Jun 08 · 04:16 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2016-20030

9.8/10 · Must read/watch

NVDvuln

Summary
ZKTeco ZKBioSecurity 3.0 contains a user enumeration vulnerability that allows unauthenticated attackers to discover valid usernames by submitting partial characters via the username parameter. Attackers can send requests to the authLoginAction!login.do script with varying username inputs to enumerate valid user accoun

CVECVE-2016-20030

SeverityCRITICAL

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedMon, Jun 08 · 04:16 PM CDT

Open article ↗

Thu, May 02 · 08:29 PM CDT

CVE-2018-16988

9.8/10 · Must read/watch

NVDvuln

Summary
An issue was discovered in Open XDMoD through 7.5.0. An authentication bypass (account takeover) exists due to a weak password reset mechanism. A brute-force attack against an MD5 rid value requires only 600 guesses in the plausible situation where the attacker knows that the victim has started a password-reset process

CVECVE-2018-16988

SeverityCRITICAL

TypeUPDATED

PublishedThu, May 02 · 08:29 PM CDT

ModifiedMon, Jun 08 · 03:05 PM CDT

Open article ↗

Tue, Sep 09 · 09:15 AM CDT

CVE-2025-40795

9.8/10 · Must read/watch

NVDvuln

Summary
A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SIMATIC PCS neo V6.0 (All versions < V6.0 SP1 Update 1), User Management Component (UMC) (All versions < V2.15.1.3). Affected products contain a stack-based buffer overflow vulnerability in the integrated UM

CVECVE-2025-40795

SeverityCRITICAL

TypeUPDATED

PublishedTue, Sep 09 · 09:15 AM CDT

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Tue, Dec 09 · 06:15 PM CST

CVE-2025-59718

9.8/10 · Must read/watch

NVDvuln

Summary
A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.

CVECVE-2025-59718

SeverityCRITICAL

TypeUPDATED

PublishedTue, Dec 09 · 06:15 PM CST

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Tue, Dec 09 · 06:15 PM CST

CVE-2025-59719

9.8/10 · Must read/watch

NVDvuln

Summary
An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

CVECVE-2025-59719

SeverityCRITICAL

TypeUPDATED

PublishedTue, Dec 09 · 06:15 PM CST

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Wed, Jun 03 · 01:16 PM CDT

CVE-2026-35075

9.8/10 · Must read/watch

NVDvuln

Summary
An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices.

CVECVE-2026-35075

SeverityCRITICAL

TypeUPDATED

PublishedWed, Jun 03 · 01:16 PM CDT

ModifiedMon, Jun 08 · 05:17 PM CDT

Open article ↗

Fri, May 29 · 09:16 AM CDT

CVE-2026-49197

9.8/10 · Must read/watch

NVDvuln

Summary
Web endpoints intended for the Acer Connect app improperly validate the HTTP Authorization header, failing to block requests when Base64 decoding fails.

CVECVE-2026-49197

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 29 · 09:16 AM CDT

ModifiedMon, Jun 08 · 12:33 PM CDT

Open article ↗

Fri, May 29 · 09:16 AM CDT

CVE-2026-49200

9.8/10 · Must read/watch

NVDvuln

Summary
The acer_cgi.log file in the device firmware is accessible without authentication via the web interface. This file contains cleartext login credentials (for web and Telnet), leading to unauthorized system access.

CVECVE-2026-49200

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 29 · 09:16 AM CDT

ModifiedMon, Jun 08 · 12:27 PM CDT

Open article ↗

Fri, May 29 · 11:16 AM CDT

CVE-2026-49201

9.8/10 · Must read/watch

NVDvuln

Summary
The upload.cgi binary, responsible for processing device backups, contains a hardcoded AES encryption key. This allows an attacker to decrypt, modify, and re-encrypt system backups, facilitating persistent backdoor injection.

CVECVE-2026-49201

SeverityCRITICAL

TypeUPDATED

PublishedFri, May 29 · 11:16 AM CDT

ModifiedMon, Jun 08 · 12:34 PM CDT

Open article ↗

Thu, Jun 04 · 10:16 AM CDT

CVE-2026-50214

9.8/10 · Must read/watch

NVDvuln

Summary
The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans.

CVECVE-2026-50214

SeverityCRITICAL

TypeUPDATED

PublishedThu, Jun 04 · 10:16 AM CDT

ModifiedMon, Jun 08 · 12:56 PM CDT

Open article ↗

Wed, May 13 · 07:17 PM CDT

CVE-2026-0257

9.1/10 · Must read/watch

NVDvuln

Summary
Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues.

CVECVE-2026-0257

SeverityCRITICAL

TypeUPDATED

PublishedWed, May 13 · 07:17 PM CDT

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Thu, Jun 04 · 10:16 AM CDT

CVE-2026-50225

9.1/10 · Must read/watch

NVDvuln

Summary
The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database.

CVECVE-2026-50225

SeverityCRITICAL

TypeUPDATED

PublishedThu, Jun 04 · 10:16 AM CDT

ModifiedMon, Jun 08 · 12:58 PM CDT

Open article ↗

Thu, May 28 · 09:16 AM CDT

CVE-2026-4408

9.0/10 · Must read/watch

NVDvuln

Summary
A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-c

CVECVE-2026-4408

SeverityCRITICAL

TypeUPDATED

PublishedThu, May 28 · 09:16 AM CDT

ModifiedMon, Jun 08 · 03:28 PM CDT

Open article ↗

Mon, Mar 16 · 02:17 PM CDT

CVE-2016-20025

8.8/10 · Worth your time

NVDvuln

Summary
ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that allows authenticated users to escalate privileges by modifying executable files. Attackers can leverage the Modify permission granted to the Authenticated Users group to replace executable binaries with malicious code for privil

CVECVE-2016-20025

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 16 · 02:17 PM CDT

ModifiedMon, Jun 08 · 04:16 PM CDT

Open article ↗

Tue, Jan 27 · 04:16 PM CST

CVE-2025-15467

8.8/10 · Worth your time

NVDvuln

Summary
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS (Auth)EnvelopedData structure

CVECVE-2025-15467

SeverityHIGH

TypeUPDATED

PublishedTue, Jan 27 · 04:16 PM CST

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Tue, May 12 · 06:16 PM CDT

CVE-2025-53844

8.8/10 · Worth your time

NVDvuln

Summary
A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11 allows attacker to execute unauthorized code or commands via specially crafted packets.

CVECVE-2025-53844

SeverityHIGH

TypeUPDATED

PublishedTue, May 12 · 06:16 PM CDT

ModifiedTue, Jun 09 · 10:16 AM CDT

Open article ↗

Tue, Jun 02 · 09:16 AM CDT

CVE-2026-1784

8.8/10 · Worth your time

NVDvuln

Summary
The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.

CVECVE-2026-1784

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 02 · 09:16 AM CDT

ModifiedMon, Jun 08 · 02:36 PM CDT

Open article ↗

Tue, Feb 10 · 04:16 AM CST

CVE-2026-23687

8.8/10 · Worth your time

NVDvuln

Summary
SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information, unauthorized access to sensitive user data and potentia

CVECVE-2026-23687

SeverityHIGH

TypeUPDATED

PublishedTue, Feb 10 · 04:16 AM CST

ModifiedTue, Jun 09 · 08:16 AM CDT

Open article ↗

Wed, Jun 03 · 01:16 PM CDT

CVE-2026-35082

8.8/10 · Worth your time

NVDvuln

Summary
The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input.

CVECVE-2026-35082

SeverityHIGH

TypeUPDATED

PublishedWed, Jun 03 · 01:16 PM CDT

ModifiedMon, Jun 08 · 05:17 PM CDT

Open article ↗

Wed, Jun 03 · 01:16 PM CDT

CVE-2026-35083

8.8/10 · Worth your time

NVDvuln

Summary
A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root.

CVECVE-2026-35083

SeverityHIGH

TypeUPDATED

PublishedWed, Jun 03 · 01:16 PM CDT

ModifiedMon, Jun 08 · 05:17 PM CDT

Open article ↗

Wed, Jun 03 · 01:16 PM CDT

CVE-2026-35084

8.8/10 · Worth your time

NVDvuln

Summary
A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root.

CVECVE-2026-35084

SeverityHIGH

TypeUPDATED

PublishedWed, Jun 03 · 01:16 PM CDT

ModifiedMon, Jun 08 · 05:17 PM CDT

Open article ↗

Wed, Jun 03 · 01:16 PM CDT

CVE-2026-35085

8.8/10 · Worth your time

NVDvuln

Summary
A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root.

CVECVE-2026-35085

SeverityHIGH

TypeUPDATED

PublishedWed, Jun 03 · 01:16 PM CDT

ModifiedMon, Jun 08 · 05:16 PM CDT

Open article ↗

Fri, Mar 13 · 07:55 PM CDT

CVE-2026-3999

8.8/10 · Worth your time

NVDvuln

Summary
A broken access control may allow an authenticated user to perform a horizontal privilege escalation. The vulnerability only impacts specific configurations.

CVECVE-2026-3999

SeverityHIGH

TypeUPDATED

PublishedFri, Mar 13 · 07:55 PM CDT

ModifiedMon, Jun 08 · 02:31 PM CDT

Open article ↗

Ignore today

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.