Threat Post

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to ...
ZDNet

SolarWinds security fiasco may have started with simple password blunders

You can't make this stuff up. A Goldin Solutions representative, a crisis-response PR firm, now claims, however, that SolarWinds has "determined that the credentials ...
TechRadar

Another top VPN is reportedly being used to spread SolarWinds hack

Threat actors used the Pulse Secure VPN appliance to install the Supernova webshell in a victim’s SolarWinds Orion server, and collect user credentials without permission, a new warning has said.
Computer Weekly

SolarWinds patches two critical CVEs in Orion platform

Users of SolarWinds’ Orion networking platform – the service at the centre of the high-profile Solorigate/Sunburst attack – are once again being advised to patch their systems urgently following the ...