Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
Bleeping Computer

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell. The flaw is a deserialization issue ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

Threat actors exploited a KnowledgeDeliver zero-day vulnerability to deploy web shells and backdoors, Google-owned Mandiant reports. A learning management system (LMS) built by Digital Knowledge, ...
The Hacker News

KnowledgeDeliver LMS Flaw Exploited to Deploy Godzilla and Cobalt Strike

A now-patched high-severity security flaw affecting Digital Knowledge KnowledgeDeliver, a Learning Management System (LMS) popular in Japan, was exploited as a zero-day to deliver the Godzilla web ...
LinkedIn

Bluebeam Revu 21.8 Release Notes: New Features and Fixes

Bluebeam Revu 21.8 lands on December 3, 2025 Here are the Release Notes: What's New Round Corners: Round one or more corners for Polygon and Polyline markups. Studio Project Search now includes markup ...
LinkedIn

Revu 21.6.1 bug fix update: key issues resolved

HOT OFF THE PRESSES: BUG FIX UPDATE Revu 21.6.1 - Release Notes What’s Fixed Hovering over Symbols in the Tool Chest no longer showed additional information. Dynamic Toolset scale was misapplied to ...