KnowledgeDeliver LMS Zero-Day Exploited for Web Shell Installation

Attackers have exploited a critical zero-day vulnerability in KnowledgeDeliver, a learning management system, to deploy Godzilla web shells on compromised servers. This vulnerability allows unauthorized access and control over affected systems. Organizations using KnowledgeDeliver should immediately patch their systems and monitor for suspicious activity. Web shells enable attackers to execute commands remotely, potentially leading to data theft or further system compromise. Educational institutions and enterprises relying on this LMS platform are advised to check their infrastructure for signs of exploitation and implement security updates as soon as they become available. Source: Original Report.