Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks.
The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek.
Why the browser is now the front line for AI security
AI-powered attacks and shadow AI adoption are creating new security risks inside the browser. Push Security explains why browser visibility is becoming critical for both threat detection and AI governance. […]
Anthropic Expanding Mythos Access to 150 New Organizations
Only approximately 50 companies have had access to Mythos until now and they have found thousands of vulnerabilities in their products.
The post Anthropic Expanding Mythos Access to 150 New Organizations appeared first on SecurityWeek.
CISA flags two-year-old Oracle flaw as actively exploited in attacks
CISA has ordered government agencies to secure their systems against a high-severity Oracle WebLogic Server vulnerability that was patched two years ago and is now actively exploited in attacks. […]
The Zero-Knowledge Threat Actor and the End of Responsible Disclosure
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
The post The Zero-Knowledge Threat Actor and the End of Responsible Disclosure appeared first on SecurityWeek.
Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches
A stack-based buffer overflow bug can be exploited for remote code execution on a vulnerable device.
The post Critical Vulnerability in HP VoIP Phones Enables Enterprise Network Breaches appeared first on SecurityWeek.
CISA Urges Stronger Security for Automatic Tank Gauge Systems
AI-Driven Exploitation is Destroying Vulnerability Management. Here’s How to Handle It.
AI-driven exploitation timelines are rapidly shrinking, and they are not going to stop shrinking. Vulnerabilities are being discovered, reproduced, and weaponized faster than ever in the history of enterprise security. As a result, the window between a vulnerability being disclosed and indiscriminate exploitation observed across the internet is now measured in hours, not days.
The industry’s
Oracle WebLogic Vulnerability Exploited in the Wild
The vulnerability is CVE-2024-21182 and it can be exploited without authentication to hack affected WebLogic servers.
The post Oracle WebLogic Vulnerability Exploited in the Wild appeared first on SecurityWeek.
Google fixes one actively exploited Android zero-day, 124 flaws
Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. […]