Security news.
Today's security news highlights multiple critical vulnerabilities under active exploitation, including a zero-day in Android and a high-severity flaw in Oracle WebLogic Server. The increasing role of AI in both offensive and defensive cybersecurity is also a prominent theme, with reports of AI-built ransomware toolkits and AI-powered account takeovers.
Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited
Google released patches for 124 Android vulnerabilities, including an actively exploited high-severity privilege escalation flaw (CVE-2025-48595) in the Framework component.
Oracle WebLogic CVE-2024-21182 Added to CISA KEV Catalog After Active Exploitation
CISA added a high-severity Oracle WebLogic Server vulnerability (CVE-2024-21182) to its Known Exploited Vulnerabilities Catalog, indicating active exploitation by unauthenticated attackers.
AI-built ransomware toolkit automates EDR evasion, AD discovery
A new AI-built attack toolkit is being used by threat actors to automate Active Directory discovery and evade Endpoint Detection and Response (EDR) solutions.
Instagram users locked out after Meta AI abused to steal accounts
Attackers successfully hijacked multiple Instagram accounts by tricking Meta's AI-powered support tools into believing they were the legitimate owners.
Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine
The Russian hacking group Gamaredon continues to exploit a WinRAR path traversal flaw (CVE-2025-8088) to deploy data-stealing malware against targets in Ukraine.
Supply Chain Attack Hits 32 Red Hat NPM Packages
A supply chain attack compromised 32 Red Hat npm packages, injecting a credential-stealing worm similar to Mini Shai-Hulud, affecting developer credentials.
Microsoft Exchange Online outage causes email delays, failures
Microsoft is addressing a widespread service issue impacting the mail flow pipeline for Exchange Online customers in North America and Germany, causing email delays and failures.
Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches
A critical stack-based buffer overflow vulnerability in HP VoIP phones can be exploited for remote code execution, potentially leading to enterprise network breaches.