KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.
CSOonline

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk. One tool that bad guys use to go after your web servers is a web shell.
Bleeping Computer

Microsoft warns of an increasing number of web shell attacks

Microsoft says that the number of monthly web shell attacks has almost doubled since last year, with an average of 140,000 such malicious tools being found on compromised servers every month. Web ...
ZDNet

Microsoft says it detects 77,000 active web shells on a monthly basis

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets. Read now In a blog post ...
ZDNet

FBI blasts away web shells on US servers in wake of Exchange vulnerabilities

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...