CRITICALZero Day
Global

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

·Source: SecurityWeek

Updated:

Executive Summary

Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek .

Analysis

Hardcoded machineKey values in a configuration file enabled ViewState deserialization attacks leading to remote code execution. The post Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment appeared first on SecurityWeek .
Source Attribution

Originally published by SecurityWeek on May 26, 2026.

Related Threats

CRITICALZero Day

Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities

Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek .

CVE-2025-48595
SecurityWeek
CRITICALZero Day

Google fixes one actively exploited Android zero-day, 124 flaws

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

BleepingComputer
CRITICALZero Day

Microsoft Threatening Security Researcher

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and forth.

Schneier on Security