KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Oneindia

‘Weak Defences’: Class 12 Ethical Hacker Claims It Took Only A Few Minutes To Hack CBSE OSM System

An independent researcher highlights potential security weaknesses in the CBSE On-Screen Marking portal, raising questions ...

'Anyone Could Edit Marks': 19-Year-Old Ethical Hacker Alleges Major Security Flaws In CBSE Evaluation System

Amid mounting student complaints over CBSE’s new On-Screen Marking system, a Class 12 student and cybersecurity researcher ...

FPJ Exclusive: Meet Nisarga, The 19-Year-Old Ethical Hacker Who Flagged Alleged CBSE Portal Issues In February 2026

Fresh concerns have emerged over CBSE’s online portal after a 19-year-old cybersecurity researcher alleged vulnerabilities ...
India Today

Nisarga Adhikary, 19, claims he hacked CBSE marking portal, warned board earlier

A teen cybersecurity researcher’s blog post alleging serious flaws in CBSE’s On-Screen Marking portal has triggered concern ...

Google accidentally published a four-year-old Chromium security bug, then tried to hide it again

Google recently published – and then quickly hid – a potentially dangerous bug found in the Chromium web browser. The ...

Google publishes exploit code threatening millions of Chromium users

Google on Wednesday published exploit code for an unfixed vulnerability in its Chromium browser codebase that threatens millions of people using Chrome, Microsoft Edge, and virtually all other ...
Windows Report

Tycoon2FA Returns With New Microsoft 365 Device-Code Phishing Attacks

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
AARP

Scam Alert: Authorities Alarmed by Surge in Fake Traffic Violation Texts

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again. Give today and help older adults facing poverty during Older ...
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.