Information security
fromThe Hacker News
1 day agoKnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike
Hard-coded ASP.NET machine keys enabled unauthenticated ViewState deserialization, allowing zero-day exploitation to deploy Godzilla web shells and Cobalt Strike Beacon.