Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
In a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm ...
As part of daily operations, small businesses may need to collect or exchange sensitive data that should be protected. It could be a financial transaction, a mailing address or some other personally ...
CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
Apple today published new corecrypto source code on GitHub, alongside a detailed technical post explaining the intricate work behind its post-quantum cryptography efforts.
Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
TanStack has released a detailed postmortem describing a sophisticated supply-chain attack that compromised 42 npm packages ...
Public Safety Minister Gary Anandasangaree faced calls from opposition MPs Tuesday to amend the federal government’s lawful access bill to ensure that it would not break or weaken digital encryption.
A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a ...
Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results