SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
Cyber Daily

Warning! Hackers spotted exploiting poorly patched SonicWall SSL VPN appliances

Simply patching isn’t enough to prevent threat actors from exploiting SSL-VPN MFA Bypass CVE-2024-12802; here’s what you need ...
GitHub

Provides a compatible WMTS Tile Server from MBTiles.

Using mbtiles-server you could easily sustain 60 active users and up to 480 passive users. These tests were done on the server locally, network traffic and switches could slow down these results ...
GitHub

TAK-Product-Center/Server

Select Finish. The TAK Server parent project, and all subprojects, will be imported into Eclipse. Install PostgreSQL + PostGIS extension locally on your workstation, or run the docker container as ...
Android

A Security Researcher Decompiled The White House App, & What They Found Is Pretty Alarming

A security researcher decompiled the White House’s new official app and found some alarming stuff buried in the code, including a hidden GPS tracking pipeline, JavaScript loaded from a random GitHub ...