Ars Technica

Solarwinds common toolset API is always prompting for my admin password in Win7

We use Solarwinds Orion for network monitoring here at work. Whenever I log in and click on anything, or whenever the maps refresh (every minute), I get prompted for my admin password stating that the ...
Bleeping Computer

SolarWinds Web Help Desk flaw is now exploited in attacks

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ...
CRN

Hackers Exploit SolarWinds, Pulse Secure For Credential Theft: Feds

Hackers entered the unidentified victim’s network through a Pulse Secure VPN appliance, moved laterally to the victim’s SolarWinds Orion sever, installed Supernova malware, and stole credentials, ...
CSOonline

SolarWinds fixes critical developer oversight

SolarWinds has issued a hotfix to patch up a security oversight that could allow remote access to sensitive credentials hardcoded in its Web Help Desk (WHD) product. The vulnerability, tracked as ...
CSOonline

Critical SolarWinds flaw finds exploitations in the wild despite available fixes

A security oversight by SolarWinds developers in August allowing remote access to sensitive credentials within its Web Help Desk (WHD) product has found active exploitations in the wild. According to ...