Bleeping Computer

New IronWorm malware hits 36 packages in npm supply-chain attack

A new supply-chain attack has infected 36 packages on the Node Package Manager (npm) index with infostealer malware called IronWorm. The malware targets 86 environment variables (key-value pairs) and ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
Travel Weekly

Helloworld lands coveted Chadstone retail outlet as travel fightback continues

Helloworld Travel is doubling down on bricks-and-mortar retail, securing a prime position inside Chadstone Shopping Centre as demand for face-to-face travel advice continues to defy the digital-only ...
The Australian

Peter Costello joins Helloworld board in Liberal party reunion with Andrew Burnes

It comes as Helloworld has spent the last year stalking online travel group Webjet in a contested takeover battle that saw it fight it out with a slightly higher rival bid from private equity firm BGH ...
The Australian Financial Review

Helloworld appoints former treasurer Peter Costello to board

Former treasurer Peter Costello will join the Helloworld board as it battles to gain control of struggling online travel agent Webjet. Helloworld chief executive and former Victorian Liberal Party ...
Travel Weekly

Former treasurer Peter Costello appointed to Helloworld board

Helloworld Travel Limited has appointed former Federal Treasurer Peter Costello AC as an independent director, effective 1 June 2026, according to an ASX listing released this morning. Costello brings ...