Cybersecurity & Data Protection
2
UPVOTE
thehackernews.com

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon. The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
TN

The Hacker News

10d ago
2 0

Discussion

Your thoughts matter!

Your input is valuable—be the first to share it!

No comments yet.

Be the first to share your take and keep the conversation moving.

Join the conversation

Log in or sign up to add your comment and participate in the discussion!

Log In Sign Up

UPVOTERS

Community appreciation

See who found this content valuable and showed their support.

CA

Carlos

CarlosUpvoted 9d ago2 comments · 71 shares
MA

SariMartinez

SariMartinezUpvoted 9d ago1 comments · 17 shares

TOPICS

Explore the same topics

Discover more content from the topics this post is mapped to.

thehackernews.com
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Co…

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SM…
TN

The Hacker News

2026-06-05 07:51
0
bleepingcomputer.com
Brave Software releases Origin for a paid, bloat-free browsing …

Brave has announced the public release of Brave Origin, a paid minimalist version of its browser that strips out cryptocurrency, AI, rewards, and other monetiz…
Carlos the great

Carlos the great

5h ago
0
darkreading.com
Bugcrowd Launches EU Data Residency Option For Evolving Data So…

Organizations are growing serious about what nation’s rules apply to their data. Experts point to geopolitical tensions as a main contributing factor.
DR

Dark Reading

7h ago
0
bleepingcomputer.com
New IronWorm malware hits 36 packages in npm supply-chain attac…

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. [. .. ]
Giulia

Giulia

12h ago
0
bleepingcomputer.com
Police dismantles fake ID marketplace used by migrant smugglers

French and Spanish authorities took down an online marketplace selling fake identity documents to migrant smuggling rings operating within the European Union.…
MB

Maria Bakker

15h ago
0
thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

15h ago
0

Keep browsing

Explore more from this topic

Dive into the full feed of curated posts covering Cybersecurity & Data Protection.

Browse Topics

RELATED CONTENT

Continue exploring

Discover more content that aligns with your interests and this post.

thehackernews.com
PCPJack Hijacks 230 AWS, Google Cloud, and Azure Servers for Co…

The threat actor known as PCPJack has hijacked cloud servers associated with Amazon Web Services (AWS), Google Cloud, and Microsoft Azure to create a covert SM…
TN

The Hacker News

2026-06-05 07:51
0
thehackernews.com
China-Linked TA4922 Expands Phishing Attacks to UK, Germany, It…

A new China-linked cybercrime group known as TA4922 has expanded its targeting focus to target European organizations in the U. K. , Germany, Italy, and South…
TN

The Hacker News

15h ago
0
thehackernews.com
Weedhack Attacks Minecraft Users, CountLoader Hits 86K, Miners …

Cybersecurity researchers have flagged a new campaign targeting Minecraft players via YouTube to spread malware capable of gaining control of victims' systems.…
TN

The Hacker News

1d ago
0
thehackernews.com
Google June 2026 Android Update Patches 124 Flaws, One Actively…

Google on Monday released patches for 124 security vulnerabilities impacting its Android operating system for the month of June 2026, including one high-severi…
TN

The Hacker News

2d ago
0
thehackernews.com
Dashlane Discloses Brute-Force Attack, Encrypted Vaults of Fewe…

Password manager Dashlane has disclosed that "fewer than" 20 users on the personal subscription plan had their encrypted vaults downloaded following a brute-fo…
TN

The Hacker News

2d ago
0
thehackernews.com
⚡ Weekly Recap: New Linux Flaw, PAN-OS Exploit, AI-Powered Atta…

Monday hit like a cron job with anger issues. A busted auth path here, a repo-side faceplant there, some "patched-ish" thing already getting chewed on in the…
TN

The Hacker News

3d ago
0

Still curious?

See more related posts

Keep the inspiration flowing with fresh submissions and trending finds from the community.

View Latest