KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
The Caledonian-Record

Phancy Group Ranked Number One in China’s Machine Learning Platform Market for the 8th Consecutive Year

IDC today released its China AI Software Market Semi-Annual Tracker, 2025H2 report. According to the report, Phancy Group ...
The Caledonian-Record

Audiencerate: Riccardo Fabbri Joins as Chief Technology Officer—The AI-Driven Phase of the Platforms for SMEs and Media Agencies Begins

Audiencerate Ltd, one of the few globally certified Google Customer Match Upload Partners and a Microsoft IP Co-sell ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

How AI is transforming higher education and the future workforce

As AI adoption grows, so does the need for responsible use. Technology alone does not drive outcomes. People must interpret ...

Earnings calls, algorithms and ... jazz music? How investors are using AI to gain a trading edge

When the New York-based hedge-fund-manager-turned-entrepreneur was trying to find new ways to unlock alpha – trading jargon ...

How AI is reshaping higher education and powering the future workforce

Institutions must move quickly to ensure learners are not only familiar with AI but also able to apply it in real-world ...
DATAQUEST

India's AI surge exposes software supply chain security gaps

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
Decrypt

Shai-Hulud: What to Know About the Malware Spreading Through Software Pipelines

The Shai-Hulud supply-chain malware campaign is exploiting the automated systems developers trust to publish software safely.
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...