KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
Infosecurity Magazine

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators ...

Federal watchdog says lawful access bill poses privacy risks

Privacy Commissioner recommends changes to protect privacy rights, including letting his office investigate data breaches ...

CBSE Cybersecurity Put To The Test: 19-Year-Old Ethical Hacker Flags OSM Portal Flaws, Board Responds

The Central Board of Secondary Education (CBSE) has been hit by a fresh digital storm after a 19-year-old cybersecurity researcher, Nisarga Adhikary, claimed to have revealed critical vulnerabilities ...
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...
havasunews.com

Goldwater asks appeals court to strike down Arizona film tax credits

Rebuffed by a trial judge, the Goldwater Institute is now trying to convince the state Court of Appeals that it's illegal for the state to give tax credits ...
The Caledonian-Record

Study suggests exercise makes people more generous

The post-exercise "warm glow" increases generosity towards good causes, according to the research.

Patterson: The loss they never forgot — and the title Millard North finally won

Millard North celebrated their third title and first since 2005, despite losing five of their last 6 regular season games.