KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

I quit ChatGPT for a free, private, and local AI called Ollama - here's why

Save your money, your privacy, and the planet. This installable AI offers several benefits you won't find with more ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
How-To Geek on MSN

I figured out how to run my favorite Linux TUI music player on Android, and it's better than any app on the Play Store

Cmus is my favorite music player on Linux. Here's how I turned set up this TUI app on my Android phone.
Microsoft

Typosquatted npm packages used to steal cloud and CI/CD secrets

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...