KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
InfoWorld

Taming the generative AI back end

Writing code that interacts with LLM services requires bridging two different worlds. Use these tips and techniques to bind ...

This intergenerational run club in Toronto wants to blaze a path into the sport

Kickback Run Club aims to make running more inclusive for lower-income families and people from Black and racialized ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
CSO Online

TrapDoor malware campaign puts developer workstations in CISO spotlight

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.

Hottest May day record broken again as temperature hits 35.1C in London

Today's 35.1C (95.2F) at Kew Gardens beats the record set yesterday of 34.8C - Wales and the island of Ireland have also had ...

Ontario municipal councillors to face stiffer ethics penalties under new bill

New rules could be in place ahead of October municipal elections, says Municipal Affairs and Housing Minister Rob Flack ...

‘No security breach’: CBSE clarifies after Class 12 student claims ‘vulnerabilities’ in OSM portal

CBSE clarified that the portal used for evaluation answer sheets has a different URL than the one visible on the teenager's ...