diff --git a/monkey/infection_monkey/exploit/zerologon.py b/monkey/infection_monkey/exploit/zerologon.py
index bae4a4054..19445f6ab 100644
--- a/monkey/infection_monkey/exploit/zerologon.py
+++ b/monkey/infection_monkey/exploit/zerologon.py
@@ -18,6 +18,7 @@ from impacket.dcerpc.v5.dtypes import NULL
 from common.agent_events import CredentialsStolenEvent
 from common.common_consts.timeouts import LONG_REQUEST_TIMEOUT
 from common.credentials import Credentials, LMHash, NTHash, Username
+from common.tags import T1003_ATTACK_TECHNIQUE_TAG, T1098_ATTACK_TECHNIQUE_TAG
 from infection_monkey.exploit.HostExploiter import HostExploiter
 from infection_monkey.exploit.tools.wmi_tools import WmiTools
 from infection_monkey.exploit.zerologon_utils.dump_secrets import DumpSecrets
@@ -32,9 +33,6 @@ from infection_monkey.utils.threading import interruptible_iter
 logger = logging.getLogger(__name__)
 
 ZEROLOGON_EXPLOITER_TAG = "zerologon-exploiter"
-T1003_ATTACK_TECHNIQUE_TAG = "attack-t1003"
-T1098_ATTACK_TECHNIQUE_TAG = "attack-t1098"
-
 
 ZEROLOGON_EVENT_TAGS = frozenset(
     {
@@ -315,7 +313,7 @@ class ZerologonExploiter(HostExploiter):
             tags=ZEROLOGON_EVENT_TAGS,
             stolen_credentials=extracted_credentials,
         )
-        self.event_queue.publish(credentials_stolen_event)
+        self.agent_event_queue.publish(credentials_stolen_event)
 
     def get_original_pwd_nthash(self, username: str, user_pwd_hashes: List[str]) -> Optional[str]:
         if not self.save_HKLM_keys_locally(username, user_pwd_hashes):