KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
For Construction Pros

Bluebeam Unveils Bluebeam Max Subscription with AI Tools and Expanded AEC Collaboration Features

Bluebeam has announced Bluebeam Max, a new premium subscription plan designed to bring artificial intelligence into its Revu platform. Launching globally in early 2026, the plan adds automation and ...

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
Marine Technology News

WASSP Launches BlueBeam v2 Software

WASSP, a leader in multibeam sonar technology and part of the ENL Group, announced the global release of the BlueReam v2 software for WASSP ...