Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation.
As alert volumes outpace human capacity, organizations are turning to AI, automation, and deeper context to separate real threats from the noise.
A PowerShell script included in patch files appears to be triggering false positives by multiple security engines.
Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production.
AI-driven development is not something organizations can or should block. But it must be governed.
AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code.
CISOs are now facing machine-speed attacks and asking, “How do I agent?” The industry must provide remediation at scale.
As enterprises rush AI projects into production, security teams are increasingly being forced into reactive mode.
Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes.
RegisterAI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program.
Register
SecurityWeek’s CISO Forum 2026 Mid-Year Review is a virtual roundtable to evaluate the year’s most pressing challenges and share critical updates shaping the 2026 security landscape.
[June 10, 2026 | Virtual]
SecurityWeek’s 2026 Cloud Security Summit will help organizations learn how to utilize tools, controls, and design models needed to properly secure cloud environments.
[July 15, 2026 | Virtual]
SecurityWeek’s AI Risk Summit is the leading conference where technology, security, and risk leaders converge with AI researchers, developers, and policy makers shaping the future of enterprise AI.
[August 11-12, 2026 | In-Person]
SecurityWeek’s CodeSecCon 2026 will bring together developers and cybersecurity professionals to revolutionize the way applications are built, secured, and maintained.
[August 19, 2026 | Virtual]
-
The critical-severity OS command injection vulnerability allows attackers to execute arbitrary code with root privileges. (June 12, 2026)
-
The browser refresh resolved critical and high-severity security defects, including a dozen use-after-free bugs. (June 12, 2026)
-
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. (June 12, 2026)
-
Oracle has released mitigations for CVE-2026-35273, but it has not said whether it’s a zero-day exploited in ShinyHunters attacks. (June 11, 2026)
-
Oracle has mitigated CVE-2026-35273, but it has not publicly confirmed the vulnerability’s in-the-wild exploitation. (June 12, 2026)
-
Researchers say the OnyxC2 malware targets more than 200 applications and extensions while evading detection through encrypted payloads, DLL sideloading, and in-memory execution techniques. (June 11, 2026)
-
Relying on social engineering, the hacking group engages in credential phishing, malware distribution, and fraud activities. (June 4, 2026)
-
Law enforcement and tech companies disrupted infrastructure linked to scammers operating across Southeast Asia. (June 4, 2026)
