CISA Flags 2-Year-Old Oracle WebLogic Vulnerability as Actively Exploited

CISA added Oracle WebLogic flaw CVE-2024-21182 to its KEV catalog, giving federal agencies until June 4 to patch exposed ...
CSO Online

Two-year old Oracle WebLogic Server vulnerability is being exploited

Its inclusion in the US CISA catalog of known exploited vulnerabilities is a warning to admins that patching is needed now.
Ars Technica

Mozilla says 271 vulnerabilities found by Mythos have “almost no false positives”

The disbelief was palpable when Mozilla’s CTO last month declared that AI-assisted vulnerability detection meant “zero-days are numbered” and “defenders finally have a chance to win, decisively.” ...
CSOonline

Microsoft’s new AI system finds 16 Windows flaws, including four critical RCEs

Microsoft has unveiled a new AI-driven vulnerability discovery system that identified 16 previously unknown Windows vulnerabilities, including four critical remote code execution flaws, in what ...
Bleeping Computer

Latest Zero-Day news

Acer is working to address two maximum-severity zero-day vulnerabilities affecting its Wave 7 mesh routers. A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day ...