KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

'Big Blunder': How a Class 12 CBSE student exposed a security flaw in a national exam portal

On May 26 evening, CBSE said the evaluation portal had neither been compromised nor found to contain any vulnerabilities.

CBSE OSM row: Venugopal urges PM Modi's intervention, says students 'shouldn't be penalised over systemic failure'

A Delhi student alleged his Physics answer sheet was mismatched under CBSE’s OSM system and later faced severe online ...
Tech Times

npm Supply Chain Attacks Hit GitHub: 2FA Approval Gate Now Blocks Stolen CI Tokens

GitHub’s internal repositories — now staged publishing in npm 11.15.0 requires a human 2FA approval before any package goes ...
CSO Online

TrapDoor malware campaign puts developer workstations in CISO spotlight

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

Backrooms film review: A buzzy thriller that goes from freaky to sleepy

Born the same year that YouTube debuted, Parsons began his journey to Backrooms as a 16-year-old, creating a series of online ...

Your daily horoscope: May 27, 2026

Find a quiet spot where you can be alone with your thoughts and listen carefully to what your inner voice is trying to tell ...