KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
LGBTQ NationOpinion

Peppermint made her mark on Drag Race. Now her advocacy is front and center.

Now, Peppermint is getting set to be one of New York City Pride’s official grand marshals. And she’s doing that while ...
Tech Times

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Italy condemn Wales to another Six Nations Wooden Spoon

Wales suffer another Six Nations clean sweep after losing to Italy, a result which extends their winless run to a record nine ...

Abstract illustrator Robert Pasternak blends genres and scale with surreal miniature exhibition in Winnipeg

On show at Katie + Gunner Gallery, The Art of Noticing is the graphic designer and filmmaker’s first major display after a 10 ...
CSO Online

Exchange Server zero-day vulnerability can be triggered by opening a malicious email

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to ...

WSL final day recap: Champions Man City receive trophy, Arsenal finish second

Follow build-up, team news, score and live text commentary as all 12 Women's Super League sides are in action on the final ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.

Take Rimbaud, a new play about the futility of art, is a manifesto in every sense of the word

The play named its four characters A, B, C and M, and was, for the most part, plotless, a tangle of atmospheres and ideas ...