SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

Google accidentally exposed details of unfixed Chromium flaw

Google has accidentally leaked details about an unfixed issue in Chromium that keeps JavaScript running in the background ...