KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Tech Times

Exchange Server OWA Zero-Day CVE-2026-42897 Exploited With No Permanent Patch and New Mitigation Gaps

Microsoft confirmed on May 14 that CVE-2026-42897 — a cross-site scripting flaw in the Outlook Web Access component of Exchange Server 2016, 2019, and Subscription Edition — is under active ...
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...
GitHub

An arbitrary-precision Decimal type for JavaScript.

The library is similar to bignumber.js, but here precision is specified in terms of significant digits rather than decimal places, and all calculations are rounded to the precision (similar to ...
cybernews

Best no-code AI agent builders

If you want to build AI agents without writing code, you’re probably stuck choosing between tools that all promise automation but work very differently. This guide is about finding the best no-code AI ...
Microsoft

SharePoint for financial services

Build trusted client connections with secure, intelligent content experiences. Use document libraries with version control to track changes, apply metadata for easy search, and enforce retention ...