SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
Infosecurity Magazine

Chinese Threat Actors Ditch Static Phishing Pages for Live Credential Interception

Almost all organizations impersonated by Chinese phishing platforms are non-Chinese entities, suggesting operators ...