URL has been copied successfully!
KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike


Tags: , , , ,

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to

First seen on thehackernews.com

Jump to article: thehackernews.com/2026/05/knowledgedeliver-lms-flaw-exploited-to.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
  2. Hackers Exploiting Chrome Zero”‘Day Vulnerability in the Wild
  3. CVE-2025-61882: Frequently Asked Questions About Oracle E-Business Suite (EBS) Zero-Day and Associated Vulnerabilities
  4. Apple fixes zero-day flaw exploited in targeted attacks (CVE-2026-20700)