KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...
CSO Online

TrapDoor malware campaign puts developer workstations in CISO spotlight

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.

‘No security breach’: CBSE clarifies after Class 12 student claims ‘vulnerabilities’ in OSM portal

CBSE clarified that the portal used for evaluation answer sheets has a different URL than the one visible on the teenager's ...

'Anyone Could Edit Marks': 19-Year-Old Ethical Hacker Alleges Major Security Flaws In CBSE Evaluation System

Amid mounting student complaints over CBSE’s new On-Screen Marking system, a Class 12 student and cybersecurity researcher ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

'Big Blunder': How a Class 12 CBSE student exposed a security flaw in a national exam portal

On May 26 evening, CBSE said the evaluation portal had neither been compromised nor found to contain any vulnerabilities.
The Caledonian-Record

mimik Launches mimOE Studio to Accelerate Agentix-Native Systems with Sustainable Economics and Scalable Growth

OE™ Studio, the first Agentix-Native Workstation, powered by mimik’s mimOE, Agentix Operating Engine. Together they enable ...

CBSE OSM row: Venugopal urges PM Modi's intervention, says students 'shouldn't be penalised over systemic failure'

A Delhi student alleged his Physics answer sheet was mismatched under CBSE’s OSM system and later faced severe online ...
The Caledonian-Record

GCL Announces the Global Console and PC Version 1.0 Release of ‘Realm of Ink’

GCL Global Holdings Ltd (Nasdaq: GCL) (“GCL” or the “Company”), a leading provider of games and entertainment, today announced that its publishing subsidiary, ...
Twinfinite

Shonen Unleashed Codes (May 2026)

Since codes are guaranteed to not be in Shonen Unleashed, there isn’t a concrete redemption process to follow. As such, the instructions below are just our best guess as to how it would work, even ...