Advertisement
CRITICAL
Vulnerabilities
CVE-2026-5426: KnowledgeDeliver LMS Zero-Day Exploited for Godzilla Shell
Attackers exploited a zero-day in KnowledgeDeliver LMS (CVE-2026-5426) using hard-coded ASP.NET keys to deploy Godzilla web shells and Cobalt Strike Beacons.
Runtime Rebel Intel
4 min read·May 26, 2026
HIGH
Threat Intel
Ghostwriter Targets Ukraine with Geofenced PDF Phishing & Cobalt Strike
Ghostwriter (UAC-0057) leverages geofenced PDF phishing to deliver Cobalt Strike against Ukrainian government entities, combining espionage and influence.
Runtime Rebel Intel
3 min read·May 14, 2026
HIGH
Threat Intel
Ransomware TTPs Shift: From Cobalt Strike to Native Tools, Data Theft Surges
Ransomware actors are abandoning Cobalt Strike for native Windows tools as payment rates decline, leading to a significant surge in data theft.
Runtime Rebel Intel
5 min read·Mar 18, 2026
CRITICAL
Threat Intel
APT41-Linked Silver Dragon Targets Governments via Google Drive C2
APT41 sub-group Silver Dragon targets European and Southeast Asian governments using public-facing server exploits and Google Drive for C2 operations.
Runtime Rebel Intel
3 min read·Mar 4, 2026