Information security
fromSecurityWeek
1 day agoHackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment
A KnowledgeDeliver ASP.NET zero-day enabled ViewState deserialization using hardcoded machineKey values, leading to web shells, Godzilla malware, and Cobalt Strike backdoors.