Daily Recap: Multiple vendors issued urgent zero-day patches across Android, Oracle WebLogic, and Wave 7 routers, while new weaknesses in VS Code and the WordPress Kirki plugin raised token-theft and admin-hijack concerns. Attack activity also escalated with the WeedHack campaign impacting over 116,000 Minecraft systems, the Kali365 phishing kit expanding to target AWS and Okta, and Gamaredon delivering GammaWorm and GammaSteel via WinRAR. #Google #Oracle #Acer #Android #OracleWebLogic #CVE-2024-21182 #Wave7 #VSCode #WordPress #Kirki #GitHub #WeedHack #CountLoader #Minecraft #Kali365 #AWS #Okta #MetaAI #Instagram #Gamaredon #WinRAR #GammaWorm #GammaSteel #Ukraine #CISA #FBI #MicrosoftExchangeOnline #Coreutils #DoD
Zero-Day Patches
- Google, Oracle, and Acer rushed out fixes for actively exploited or max-severity flaws, including a 124-flaw Android update with one zero-day, a KEV-listed Oracle WebLogic CVE-2024-21182, and critical bugs in Wave 7 routers. → Android Patch, WebLogic Bug, Wave 7 Fix
- VS Code and WordPress users face fresh exploit risk as a zero-day can steal GitHub tokens in one click and the Kirki plugin flaw is being used to hijack admin accounts. → VS Code Zero-Day, Kirki Flaw, Plugin Abuse
Malware & Phishing
- WeedHack hit more than 116,000 Minecraft systems, while related reports also tracked CountLoader infections reaching 86K and miners spreading through pirated content. → WeedHack, Minecraft Spread
- The FBI-flagged Kali365 phishing kit expanded beyond Microsoft 365 to target AWS, Okta, and major Russian services, using device-code phishing and OAuth token theft to bypass MFA. → Kali365 Kit
- Instagram users were locked out after attackers abused Meta AI to steal accounts, showing how AI features are being repurposed for credential theft. → Meta AI Theft
- Gamaredon used WinRAR to deliver GammaWorm and GammaSteel against Ukraine, highlighting continued malware delivery via trusted tools. → Gamaredon Attack
AI & Security
- AI security took center stage as 100 AI agents were tested and ranked, the browser was framed as the new front line for AI risk, and an AI-built ransomware toolkit was shown automating EDR evasion and AD discovery. → AI Agents, Browser Frontline, Ransomware Toolkit
- Google added Android protections against AI deepfake scam calls as governments pushed new policy responses, including a Trump executive order on vetting top AI models for national security risks. → Deepfake Defense, AI Order, Scaled-Back Order
- The DoD moved to integrate cyber into all operations and bake security into AI systems, reflecting a broader push to operationalize cyber across defense. → DoD Cyber Plan
Espionage & Threat Activity
- Attackers targeted a global stock exchange in an espionage operation, underscoring sustained interest in financial-sector intelligence collection. → Stock Exchange
- CISA and FBI activity continued to spotlight real-world exploitation, with federal agencies pushing urgent patching for the Oracle WebLogic flaw. → CISA Alert
Platform & Service Outages
- Microsoft Exchange Online suffered an outage that caused email delays and failures, disrupting enterprise communications. → Exchange Outage
- Microsoft also unveiled its Coreutils project to bring Linux commands to Windows, signaling continued cross-platform tooling convergence. → Coreutils
Enforcement & Policy
- Police dismantled 9 crime groups in an illegal streaming crackdown, showing coordinated action against digital piracy networks. → Streaming Crackdown
- Security research warned that the industry's growing crisis is being driven by conflicting assessments of risk, complexity, and preparedness. → Crisis Reports