Dark Reading

Risk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update Tool

Researchers have discovered a supply chain risk in a popular installer authoring tool, which they've described as potentially leading to cyberattacks "comparable in scope to supply chain incidents ...
ZDNet

SolarWinds security fiasco may have started with simple password blunders

You can't make this stuff up. A Goldin Solutions representative, a crisis-response PR firm, now claims, however, that SolarWinds has "determined that the credentials ...
Threat Post

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to ...
PC Magazine

US Government Agencies Hit in Massive Hack Possibly From Russia

The US government is scrambling to address a breach that suspected Russian hackers carried out to spy on the US Departments of Treasury and Commerce departments. The hackers broke in by tampering with ...
Infosecurity-magazine.com

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

IT management software provider SolarWinds has urged customers to immediately patch a critical vulnerability in its Web Help Desk platform. CVE-2024-28986 is a Java deserialization remote code ...