KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
The Hacker News

9-Year-Old Linux Kernel Flaw Enables Root Command Execution on Major Distros

CVE-2026-46333 is a nine-year Linux kernel improper privilege management flaw introduced in November 2016 with a CVSS score ...
Reuters

Shell PLC

UK shares closed higher on ‌Wednesday as hopes of a resolution to the Iran war pushed down crude prices and lifted risk appetite, with upbeat updates from Pets at Home and Hollywood Bowl driving gains ...
PCMag on MSN

Kash Patel's Apparel Site Is Trying To Trick Visitors Into Installing Malware

The FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack, which involves duping users into running a seemingly benign, but malicious command.