IT News Roundup: Android Zero-Day Patches, AI Cyber Models Expand, Oracle WebLogic Warning - June 4, 2026

This week in IT news, Google released its June 2026 Android security bulletin patching 124 vulnerabilities including a zero-day under active exploitation. In the AI-security space, both OpenAI and Anthropic made significant moves expanding their cybersecurity-focused models to banks and critical infrastructure operators. Meanwhile, CISA added a two-year-old Oracle WebLogic flaw to its Known Exploited Vulnerabilities catalog, and NVIDIA unveiled an open humanoid robot reference design at GTC Taipei.

Google June 2026 Android Security Update Patches 124 Vulnerabilities, Including Actively Exploited Zero-Day

Google has released its June 2026 Android security update, addressing 124 vulnerabilities across the platform. Most notably, the bulletin includes a fix for CVE-2025-48595 (CVSS: 8.4), a zero-day integer overflow vulnerability in the Android Framework that allows local privilege escalation without any user interaction.

The flaw affects devices running Android versions 14, 15, 16, and 16 QPR2. Google confirmed that the vulnerability has been exploited in limited, targeted attacks in the wild — a rare designation that signals real-world threat activity. Security researchers note that the local attack vector likely means exploitation arrives through malicious apps or compromised system components rather than remote exploits.

Device manufacturers are now rolling out the patches, though the timeline varies by OEM. Users are advised to check for system updates and install them promptly. For homelabbers running Android-based devices or containers, updating remains critical.

Source: The Hacker News, BleepingComputer

OpenAI Expands GPT-5.5 Cyber Access to Major UK Banks

OpenAI has granted nine major UK banks access to GPT-5.5 Cyber, its cybersecurity-focused AI model designed to identify software vulnerabilities and security weaknesses in banking systems. The institutions include Lloyds Banking Group, HSBC, and Nationwide — banks that were previously blocked from testing Anthropic's rival Claude Mythos model.

The move comes as debate intensifies over how advanced AI security tools should be deployed across critical financial infrastructure. OpenAI also confirmed that starting June 1, 2026, users accessing its most permissive cyber models will need phishing-resistant account protections through Advanced Account Security or approved enterprise authentication systems.

The company has also extended GPT-5.5 Cyber access to the EU market, marking a significant step in the competitive landscape for AI-powered vulnerability research and remediation tools.

Source: BBC News, CyberNews

Anthropic Scales Project Glasswing to 150 Organizations Across 15 Countries

Anthropic has significantly expanded Project Glasswing, its collaborative AI-driven cybersecurity initiative, by extending access to Claude Mythos Preview to approximately 150 new organizations in more than 15 countries. The expansion targets critical infrastructure operators in the power, water, and telecommunications sectors.

Project Glasswing was launched as a partnership between Anthropic, Amazon Web Services, Apple, and other technology companies to secure the world's most critical software for the AI era. The program gives infrastructure defenders a head start by providing access to Mythos, Anthropic's newest frontier model specifically trained for security vulnerability research.

The expansion comes amid growing concerns that AI models capable of autonomously finding and fixing vulnerabilities at scale are reshaping patch management. Industry experts note that the ability of AI to identify vulnerabilities faster than humans can patch them is creating a new bottleneck in vulnerability remediation workflows.

Source: TechCrunch, Anthropic

CISA Adds Oracle WebLogic Vulnerability to KEV Catalog After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency added CVE-2024-21182 (CVSS: 7.5) to its Known Exploited Vulnerabilities catalog on June 1, 2026, based on confirmed evidence of active exploitation in the wild. The flaw impacts Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 and allows an unauthenticated attacker with network access to take full control of susceptible servers.

Despite being patched two years ago, the vulnerability remains active in the wild — a stark reminder that patching compliance lags significantly behind patch availability. Under Binding Operational Directive 22-01, federal agencies were given until June 4 to remediate exposed servers.

For enterprises still running Oracle WebLogic, this is a critical action item. Organizations should audit their WebLogic deployments, verify patch levels, and apply remediation immediately if running affected versions.

Source: CISA, The Hacker News

Lovable Signs Multi-Year Deal with Google Cloud, Plans 5x Infrastructure Expansion

Stockholm-based AI coding startup Lovable has signed an expanded multi-year deal with Google Cloud, with sources indicating a fivefold increase in the company's cloud footprint. The 146-person startup will gain expanded access to both Anthropic's Claude models — widely used for coding tasks — and Google's own Gemini models.

As part of the collaboration, Lovable launched its Lovable Agent in Google Cloud's Gemini Enterprise Agent Gallery, providing verified third-party agent access built on Google Cloud's secure infrastructure. A new Wiz integration will identify and remediate vulnerabilities in AI-generated code for Lovable users in real time.

The deal underscores the rapid growth of AI-powered software creation platforms and the cloud infrastructure demands they place on hyperscalers. For homelabbers experimenting with AI-assisted development, the trend signals that enterprise-grade AI coding tools are becoming increasingly accessible through cloud partnerships.

Source: TechCrunch, Google Cloud

NVIDIA Unveils Isaac GR00T Reference Humanoid Robot at GTC Taipei

NVIDIA announced the Isaac GR00T Reference Humanoid Robot at GTC Taipei on June 1, 2026 — the first open humanoid robot reference design built on NVIDIA's Jetson Thor compute platform and Isaac GR00T open software stack. The platform combines a Unitree H2 Plus humanoid robot body, Sharpa five-fingered hands for dexterous manipulation, and onboard Jetson Thor compute for advanced reasoning and control.

The system is designed as a full-stack development platform for researchers and developers building next-generation humanoid robots. By opening the reference design, NVIDIA aims to accelerate embodied AI research across university labs and industry partners.

The announcement marks a significant step in the convergence of AI and robotics, with implications for everything from industrial automation to assistive technologies. For the homelab and maker community, the open reference design could lower barriers to humanoid robot experimentation.

Source: NVIDIA Investor Relations, TechTimes

India's IT Stocks Plummet 5.8% on AI Disruption Fears

India's information technology stocks suffered their worst day in four months on June 3, with the IT index dropping 5.8% as renewed concerns about AI disruption rattled investors. Shares of Tata Consultancy Services plunged 9%, while Infosys and Tech Mahindra also posted significant losses.

The selloff reflects growing investor anxiety that generative AI could reduce demand for traditional software outsourcing services — the core business model of India's IT giants. The market reaction highlights the structural uncertainty facing global service providers as AI tools automate tasks previously handled by large developer teams.

The episode serves as a reminder that the AI transformation is not just a technology story but a market-moving force with real economic consequences. IT professionals and homelabbers should take note: the skills landscape is shifting faster than most organizations can adapt.

Source: Reuters