KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...

Websites have a new way to spy on visitors: Analyzing their SSD activity

Now sites have a new way to spy on their visitors: measuring subtle interactions with their solid-state drives. The technique ...

Fingerprint Launches Automation Intelligence API and AI Assistant Detection, Delivering the Industry’s Most Complete View of AI Traffic

Fingerprint, a leader in device intelligence, today launched the preview release of AI Assistant Detection and the Automation ...
Searchenginejournal.com

Core Web Vitals: WordPress And Astro Versus Everyone Else

HTTP Archive’s latest Core Web Vitals Technology Report ranks seven content management platforms and offers the surprising insight that page weight and PageSpeed Insights Lighthouse scores do not ...

ADA Title III Web Accessibility

An explanation of how Title III of the Americans with Disabilities Act of 1990 (ADA) applies to websites, mobile applications ...

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue ...
Hackaday

This Week In Security: Ubiquiti Fixes, And FreeBSD Joins The Club You Don’t Want To Join

Ubiquiti released a new security bulletin detailing fixes for six security issues, including one rated 9.1 (critical) and one scoring a perfect 10.0 on the CVE risk scale. The vulnerabilities ...

Machine-First Architecture: How To Build Websites Machines Can Identify, Read, Cite & Use

Most AI search guidance stops at citations. This architecture framework extends to autonomous agents completing transactions ...

Web browsers can spy on information via SSD access times

IT researchers have demonstrated a side-channel attack called "FROST" where browsers can spy on user behavior via SSD access times.

Ottawa to launch new startup investment fund as part of AI strategy, source says

Ottawa will launch a new investment fund to support artificial intelligence startups and add hundreds of millions of dollars ...
Hackaday

A Modern Web Browser For Classic Mac OS

When using older computers there comes a point at which modern software drops support, as for example is happening with builds for Windows XP. Every now and then though, along comes something that ...