2 verified briefings on Lms. Each story includes a plain-English summary, why it matters, and the concrete action engineering teams should take.
A high-severity zero-day vulnerability in the KnowledgeDeliver Learning Management System was actively exploited by attackers. The flaw, caused by hard-coded keys, allowed them to install the Godzilla web shell and deploy Cobalt Strike for further network access. The vulnerability has since been patched.
Google's Mandiant team has detailed a critical zero-day vulnerability in the KnowledgeDeliver Learning Management System. The flaw, caused by insecure deserialization, allows unauthenticated attackers to achieve remote code execution on affected servers. The LMS is widely used in Japan, making this a significant regional security issue.