Insights & updates

ACSP Briefing

A rolling briefing designed to help clients and prospects stay current on cybersecurity developments that may affect regulated and compliance-driven organizations.

Live briefing

Current briefing snapshot

A tighter rolling briefing focused on what changed in the last 6 hours, with vulnerabilities tracked on a 24-hour awareness window.

Generated Fri, Jun 12 · 06:00 PM CDT Window last 6 hours Open archive Fri, Jun 12 · 06:00 PM CDTFri, Jun 12 · 12:00 PM CDTFri, Jun 12 · 06:00 AM CDTFri, Jun 12 · 12:00 AM CDT

Top line

Coverage now updates on a rolling 6-hour window, while NVD entries come from the live API using a last-24-hours modified window and are sorted by severity.

Fast take

News stays on the current 6-hour slice, videos now use the last 24 hours, and NVD uses the API instead of the traditional feed to better match the live site behavior.

Top stories

5

Worth skimming

5

Tracked videos

2

NVD vulnerabilities

25

Top stories

The highest-priority items from the current rolling run.

Sat, 13 Jun 2026 00:29:32 +0530

Google Sues Chinese Smishing Network Accused of Using Gemini AI in Phishing

9.8/10 · Must read/watch

The Hacker Newsai

Summary
Google on Friday said it's pursuing legal action against a Chinese cybercrime network, accusing it of using its Gemini artificial intelligence (AI) agent to send phishing text messages targeting Americans. The network is said to be behind the development and m

Open article ↗

Fri, Jun 12 · 06:00 PM CDT

GitHub to Update npm to Thwart Software Supply Chain Attacks

9.4/10 · Must read/watch

Infosecurity Magazinesupply-chainai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Sat, 13 Jun 2026 01:03:25 +0530

Over 400 Arch Linux AUR Packages Hijacked to Deploy Infostealer and eBPF Rootkit

9.4/10 · Must read/watch

The Hacker Newsmalwareidentity

Summary
Attackers took over more than 400 packages in the Arch User Repository (AUR) this week and rewrote their build scripts to install a credential stealer on any machine that built them. The malware is a Rust binary built to harvest developer secrets. When it land

Open article ↗

Fri, Jun 12 · 06:00 PM CDT

Ransomware Payment Crypto Laundering Platform Taken Out by FBI and Europol

9.2/10 · Must read/watch

Infosecurity Magazinemalware

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, Jun 12 · 05:15 PM CDT

Twenty One Zero-Days in FFmpeg

9.0/10 · Must read/watch

Hacker Newsvuln

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 45 minutes ago.

Open article ↗

Worth skimming

Useful items that may matter, but probably do not deserve top-of-queue attention.

Fri, 12 Jun 2026 23:47:55 +0530

China-Linked Hackers Backdoored Linux Login Software to Hide for Nearly a Decade

8.1/10 · Worth your time

The Hacker Newsgeneral

Summary
Instead of hiding on the laptops and servers defenders watch most closely, a China-nexus group spent close to a decade hidden inside the Linux login system itself. Sygnia, which tracks the group as Velvet Ant, says it backdoored the PAM and OpenSSH components

Open article ↗

Fri, Jun 12 · 04:00 PM CDT

Palantir loses legal challenge against Swiss investigative magazine

8.1/10 · Worth your time

Hacker Newsai

Summary
Surfaced from Hacker News front page during collection run. Freshness on HN: 2 hours ago.

Open article ↗

Fri, Jun 12 · 06:00 PM CDT

Cybercriminals Use Fake AI Guides and Dev Tools to Spread AsyncRAT Malware

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, Jun 12 · 06:00 PM CDT

Extortion-Only Attacks Increase, With Data Theft Dominating Ransomware Claims

8.0/10 · Worth your time

Infosecurity Magazinemalwareai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Fri, Jun 12 · 06:00 PM CDT

Cybersecurity Software Fails to Detect Fifth of Brower-Based Phishing Attacks

8.0/10 · Worth your time

Infosecurity Magazineai

Summary
Collected from the Infosecurity Magazine news page during the latest run.

Open article ↗

Videos worth watching

Recent creator uploads scored with feed discovery and page-level analysis.

Fri, Jun 12 · 05:31 PM CDT

ContinuumCon 2026 - Day 1

8.2/10 · Worth your time

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

Fri, Jun 12 · 12:00 AM CDT

Payload Podcast 008 - Ryan Hausknecht

6.8/10 · Skim only if relevant

YouTube / John Hammondgeneral

Why it matters
Recent creator upload with some page-level evidence. Better than raw feed discovery, but still not a full content review.

Worth watching?Maybe — good candidate if the title matches your interests, but confidence is still moderate.

Confidencelow

Open article ↗

NVD vulnerabilities

NVD API entries modified in the last 24 hours, sorted by severity for quick scanning.

Tue, Jun 09 · 04:16 PM CDT

CVE-2026-10520

10.0/10 · Must read/watch

NVDvuln

Summary
An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

CVECVE-2026-10520

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jun 09 · 04:16 PM CDT

ModifiedThu, Jun 11 · 08:16 PM CDT

Open article ↗

Tue, Jun 09 · 04:16 PM CDT

CVE-2026-25089

9.8/10 · Must read/watch

NVDvuln

Summary
A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthentic

CVECVE-2026-25089

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jun 09 · 04:16 PM CDT

ModifiedThu, Jun 11 · 09:39 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-44815

9.8/10 · Must read/watch

NVDvuln

Summary
Stack-based buffer overflow in Windows DHCP Client allows an unauthorized attacker to execute code over a network.

CVECVE-2026-44815

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:35 PM CDT

Open article ↗

Tue, May 26 · 06:16 PM CDT

CVE-2026-9170

9.8/10 · Must read/watch

NVDvuln

Summary
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation.

CVECVE-2026-9170

SeverityCRITICAL

TypeUPDATED

PublishedTue, May 26 · 06:16 PM CDT

ModifiedThu, Jun 11 · 02:16 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-42904

9.6/10 · Must read/watch

NVDvuln

Summary
Heap-based buffer overflow in Windows TCP/IP allows an unauthorized attacker to elevate privileges over an adjacent network.

CVECVE-2026-42904

SeverityCRITICAL

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 04:15 PM CDT

Open article ↗

Wed, May 27 · 02:17 PM CDT

CVE-2026-7876

9.1/10 · Must read/watch

NVDvuln

Summary
IBM Aspera HSTS for CP4I 1.5.1 through 1.5.19 is affected by an authentication bypass vulnerability. A transfer client may be able to take advantage of this vulnerability to access files in the server's local storage that they should not have access to, when specific restriction settings are not in place.

CVECVE-2026-7876

SeverityCRITICAL

TypeUPDATED

PublishedWed, May 27 · 02:17 PM CDT

ModifiedThu, Jun 11 · 02:16 PM CDT

Open article ↗

Tue, Jun 02 · 09:16 AM CDT

CVE-2026-1784

8.8/10 · Worth your time

NVDvuln

Summary
The Route OpenShift resource allows to define routes to make pods reachable at a subdomain through HAProxy. It was found that the checks performed on the spec.path YAML stanza in a Route document was insufficient and could allow a controlled injection of the HAProxy configuration.

CVECVE-2026-1784

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 02 · 09:16 AM CDT

ModifiedThu, Jun 11 · 12:16 PM CDT

Open article ↗

Thu, May 21 · 09:16 PM CDT

CVE-2026-47101

8.8/10 · Worth your time

NVDvuln

Summary
LiteLLM prior to 1.83.14 allows an authenticated internal_user to create API keys with access to routes that their role does not permit. When generating a key, the allowed_routes field is stored without verifying that the specified routes fall within the user's own permissions. A key created with access to admin-only r

CVECVE-2026-47101

SeverityHIGH

TypeUPDATED

PublishedThu, May 21 · 09:16 PM CDT

ModifiedThu, Jun 11 · 07:16 PM CDT

Open article ↗

Thu, May 21 · 09:16 PM CDT

CVE-2026-47102

8.8/10 · Worth your time

NVDvuln

Summary
LiteLLM prior to 1.83.10 allows a user to modify their own user_role via the /user/update endpoint. While the endpoint correctly restricts users to updating only their own account, it does not restrict which fields may be changed. A user who can reach this endpoint can set their role to proxy_admin, gaining full admini

CVECVE-2026-47102

SeverityHIGH

TypeUPDATED

PublishedThu, May 21 · 09:16 PM CDT

ModifiedThu, Jun 11 · 07:16 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-44810

8.4/10 · Worth your time

NVDvuln

Summary
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.

CVECVE-2026-44810

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:13 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45456

8.4/10 · Worth your time

NVDvuln

Summary
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVECVE-2026-45456

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 06:40 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45458

8.4/10 · Worth your time

NVDvuln

Summary
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.

CVECVE-2026-45458

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 03:37 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45607

8.4/10 · Worth your time

NVDvuln

Summary
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

CVECVE-2026-45607

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 06:37 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45641

8.4/10 · Worth your time

NVDvuln

Summary
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

CVECVE-2026-45641

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:42 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-44822

8.2/10 · Worth your time

NVDvuln

Summary
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

CVECVE-2026-44822

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 06:38 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-42981

8.1/10 · Worth your time

NVDvuln

Summary
Integer underflow (wrap or wraparound) in Windows Performance Monitor allows an unauthorized attacker to execute code over a network.

CVECVE-2026-42981

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 04:55 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-42987

8.1/10 · Worth your time

NVDvuln

Summary
Use after free in Windows Deployment Services allows an unauthorized attacker to execute code over a network.

CVECVE-2026-42987

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 03:46 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45599

8.1/10 · Worth your time

NVDvuln

Summary
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.

CVECVE-2026-45599

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 02:57 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45635

8.1/10 · Worth your time

NVDvuln

Summary
Use after free in Universal Plug and Play (upnp.dll) allows an unauthorized attacker to execute code over a network.

CVECVE-2026-45635

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 06:36 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-45588

7.9/10 · Worth your time

NVDvuln

Summary
Protection mechanism failure in Windows Secure Boot allows an authorized attacker to bypass a security feature locally.

CVECVE-2026-45588

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 03:25 PM CDT

Open article ↗

Mon, Mar 31 · 11:15 PM CDT

CVE-2025-24170

7.8/10 · Worth your time

NVDvuln

Summary
A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. An app may be able to gain root privileges.

CVECVE-2025-24170

SeverityHIGH

TypeUPDATED

PublishedMon, Mar 31 · 11:15 PM CDT

ModifiedThu, Jun 11 · 07:16 PM CDT

Open article ↗

Tue, Nov 04 · 02:15 AM CST

CVE-2025-43407

7.8/10 · Worth your time

NVDvuln

Summary
This issue was addressed with improved entitlements. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, iOS 26.1 and iPadOS 26.1, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1, tvOS 26.1, visionOS 26.1. An app may be able to break out of its sandbox.

CVECVE-2025-43407

SeverityHIGH

TypeUPDATED

PublishedTue, Nov 04 · 02:15 AM CST

ModifiedThu, Jun 11 · 07:16 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-40409

7.8/10 · Worth your time

NVDvuln

Summary
Windows Universal Disk Format File System Driver (UDFS) Elevation of Privilege Vulnerability

CVECVE-2026-40409

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:06 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-41092

7.8/10 · Worth your time

NVDvuln

Summary
Improper access control in Microsoft Kinect allows an authorized attacker to elevate privileges locally.

CVECVE-2026-41092

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:04 PM CDT

Open article ↗

Tue, Jun 09 · 05:17 PM CDT

CVE-2026-42829

7.8/10 · Worth your time

NVDvuln

Summary
Improper access control in Windows Administrator Protection allows an authorized attacker to bypass a security feature locally.

CVECVE-2026-42829

SeverityHIGH

TypeUPDATED

PublishedTue, Jun 09 · 05:17 PM CDT

ModifiedThu, Jun 11 · 05:02 PM CDT

Open article ↗

Ignore today

Noise, weak angles, or items that do not appear to deserve your time right now.

Generic low-detail roundups without primary reporting.
HN items that are interesting but not clearly security or AI relevant.
Creator videos that look more like promotion, podcast chatter, or evergreen content than time-sensitive signal outside the rolling window.