Godzilla - Geek Feed

KnowledgeDeliver flaw exploited as a zero-day to install web shells

May 27, 2026May 27, 2026 geekfeed0Tagged 0day, ASP.NET, CVE-2026-5426, Godzilla, KnowledgeDeliver, rce, Remote Code Execution, ViewState, Zero-Day

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. The flaw is a deserialization issue tracked as CVE-2026-5426 and can be exploited without authentication. It stems from the use of a shared hardcoded machine key in the web portal configuration across all KnowledgeDeliver customer […]

3 mins read

Microsoft says attackers use exposed ASP.NET keys to deploy malware

February 9, 2025February 9, 2025 geekfeed0Tagged ASP.NET, code execute remotely, Code Injection, Godzilla, IIS server, malware, microsoft, Post-Exploitation Framework, ViewState code injection

Microsoft warns that attackers are deploying malware in ViewState code injection attacks using static ASP. NET machine keys found online. As Microsoft Threat Intelligence experts recently discovered, some developers use ASP.NET validationKey and decryptionKey keys (designed to protect ViewState from tampering and information disclosure) found on code documentation and repository platforms in their own software. […]

3 mins read