brangberg – Page 26

Google June 2026 Android Update Patches 124 Flaws, One Actively Exploited

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severity flaw in the Framework component that has come under active exploitation.

Tracked as CVE-2025-48595 (CVSS score: 8.4), the security flaw has been described as a case of privilege escalation without requiring any user interaction. The

Gamaredon Exploits WinRAR to Deliver GammaWorm and GammaSteel Against Ukraine

The Russian hacking group known as Gamaredon has been attributed to the continued exploitation of a WinRAR vulnerability to deliver multiple malware families aimed at data theft and propagation.

Per Sekoia, the activity involves the weaponization of CVE-2025-8088, a path traversal flaw in WinRAR, to launch an HTML Application payload dubbed GammaPhish, which is then used to retrieve an

Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a high-severity security flaw impacting Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.

The vulnerability, CVE-2024-21182 (CVSS score: 7.5), allows an unauthenticated attacker with network access to take control of susceptible servers. It was

Microsoft Exchange Online outage causes email delays, failures

Microsoft is working to address a widespread service issue affecting the mail flow pipeline for Exchange Online customers across North America and Germany. […]

Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis

As AI shortens the path from vulnerability disclosure to exploitation, researchers disagree on whether the problem is inadequate security tools or inadequate operational control.

The post Two New Reports Offer Competing Explanations for Cybersecurity’s Growing Crisis appeared first on SecurityWeek.

Instagram users locked out after Meta AI abused to steal accounts

Multiple Instagram users had their accounts hijacked after attackers convinced Meta’s AI-powered support tools that they were the legitimate owners. […]

Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk

A simple development setting bypassed protections designed to prevent unauthorized Android apps from accessing Microsoft account tokens, exposing billions of installations.

The post Exclusive: How One Line of Code Put Billions of Microsoft Android App Downloads at Risk appeared first on SecurityWeek.

Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities

Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.

The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek.

Why the browser is now the front line for AI security

AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. […]

Anthropic Expanding Mythos Access to 150 New Organizations

Only approximately 50 companies have had access to Mythos until now and they have found thousands of vulnerabilities in their products.

The post Anthropic Expanding Mythos Access to 150 New Organizations appeared first on SecurityWeek.

Author: brangberg