KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...
PCMag on MSN

Kash Patel's Apparel Site Is Trying To Trick Visitors Into Installing Malware

The FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack, which involves duping users into running a seemingly benign, but malicious command.
GitHub

wrapper_run_gen_mbe_plot.ksh

export BE_DIR=/kukui/users/xinzhang/code/tmp/GENBE/cv6/gen_be5 export NUM_WE=74 # 1 point less than WE stagger points export NUM_SN=69 # 1 point less than SN stagger ...
GitHub

run_bias_label_sweep.sh

# SER + VSC bias_label_collapse α-sweep 자동 실행 (nohup 권장). # baseline(zero_shot)에서 가장 많이 예측된 라벨을 자동 추출 → collapse ...