TechSecInfo

The tech + cyber briefing: what happened, why it matters, and where it came from.

Cyber Security

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

By rooter

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web shell and ultimately facilitate the deployment of Cobalt Strike Beacon.

The vulnerability, tracked as CVE-2026-5426 (CVSS score: 7.5), stems from the use of hard-coded ASP.NET machine keys, leading to

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

Oh hi there 👋
It’s nice to meet you.

Sign up to receive awesome content in your inbox, every month.

We don’t spam! Read our privacy policy for more info.

By rooter

Related Post

Cyber Security

âš¡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

rooter
Cyber Security

Netherlands Seizes 800 Servers, Arrests 2 for Aiding Cyberattacks

rooter
Cyber Security

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

rooter

Leave a Reply

You Missed

News

Third-Party Cyberattack Impacts Patient Information at The Oncology Institute

Cyber Security

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

Security

Welcoming the Bhutanese Government to Have I Been Pwned