← Latest brief

Security news.

·Afternoon Brief

Today's security news highlights multiple critical vulnerabilities under active exploitation, including a zero-day in Android and a high-severity flaw in Oracle WebLogic Server. The increasing role of AI in both offensive and defensive cybersecurity is also a prominent theme, with reports of AI-built ransomware toolkits and AI-powered account takeovers.

THNEXPLOIT
Jun 2READ

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google released patches for 124 Android vulnerabilities, including an actively exploited high-severity privilege escalation flaw (CVE-2025-48595) in the Framework component.

THNKEV
Jun 2READ

Oracle WebLogic CVE-2024-21182 Added to CISA KEV Catalog After Active Exploitation

CISA added a high-severity Oracle WebLogic Server vulnerability (CVE-2024-21182) to its Known Exploited Vulnerabilities Catalog, indicating active exploitation by unauthenticated attackers.

BLEEPINGRANSOMWARE
Jun 2READ

AI-built ransomware toolkit automates EDR evasion, AD discovery

A new AI-built attack toolkit is being used by threat actors to automate Active Directory discovery and evade Endpoint Detection and Response (EDR) solutions.

BLEEPINGAI
Jun 2READ

Instagram users locked out after Meta AI abused to steal accounts

Attackers successfully hijacked multiple Instagram accounts by tricking Meta's AI-powered support tools into believing they were the legitimate owners.

THNEXPLOIT
Jun 2READ

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

The Russian hacking group Gamaredon continues to exploit a WinRAR path traversal flaw (CVE-2025-8088) to deploy data-stealing malware against targets in Ukraine.

SECURITYWEEKSUPPLY CHAIN
Jun 2READ

Supply Chain Attack Hits 32 Red Hat NPM Packages

A supply chain attack compromised 32 Red Hat npm packages, injecting a credential-stealing worm similar to Mini Shai-Hulud, affecting developer credentials.

BLEEPING
Jun 2READ

Microsoft Exchange Online outage causes email delays, failures

Microsoft is addressing a widespread service issue impacting the mail flow pipeline for Exchange Online customers in North America and Germany, causing email delays and failures.

SECURITYWEEKBREACH
Jun 2READ

Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches

A critical stack-based buffer overflow vulnerability in HP VoIP phones can be exploited for remote code execution, potentially leading to enterprise network breaches.

Generated twice daily from public security RSS feeds. Informational only.