Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Learn how a human-centric approach can reduce authentication errors in enterprise environments while improving security and ...

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.

CBSE Class 12 Evaluation System Issues: Adhikari claimed that by combining these flaws, an attacker could potentially take over examiner accounts, view assigned answer scripts, modify marks, and ...

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

Nisarga Adhikary claimed he had hacked the CBSE website and identified serious lapses in the agency's On Screen Marking (OSM) ...

A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a ...

Just before appearing for his own Class 12 board exams, teenager and cybersecurity hobbyist Nisarga Adhikary claims he ...

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions.