● HIGH/ JUNE 3, 2026TODAY’S BRIEFING — #077
Android, WinRAR, WordPress Kirki: Three critical zero-days under active exploitation
Google Android zero-day (CVE-2025-48595) actively exploited; Gamaredon APT weaponizing WinRAR; WordPress Kirki plugin hijacking admin accounts. CISA adds Oracle WebLogic to KEV catalog.
CVE-2025-48595Google Android — High-severity zero-day actively exploited in the wild; CVSS 8.4CVE-2025-8088Rarlab Winrar — Path traversal vulnerability actively exploited by Gamaredon APT to deliver malwareCVE-2026-8206WordPress Kirki Plugin — Critical privilege escalation actively exploited to hijack admin accountsCVE-2024-21182Oracle Weblogic Server — High-severity vulnerability (CVSS 7.5) added to CISA KEV catalog; active exploitation confirmed
Read the full briefing →