SolarWinds in the Media
41 mentions across press, blogs, and newsletters
March 2026
watchTowr Labs
The Most Organized Threat Actors Use Your ITSM (BMC FootPrints Pre-Auth Remote Code Execution Chains)
SolarWinds. Ivanti. SysAid. ManageEngine. Giants of the KEV world, all of whom have ITSM side-projects. ITSMs, as a group of solutions, have played pivotal roles in numerous ransomware gang campaigns - not only do they represent code running on a system, but they hold a significant amount
Mar 18, 2026
TechRadarTech Media
Most IT teams don't have full visibility of their IT stack, but AI is here to help
Three-quarters of companies are lacking visibility across hybrid environments as on-prem makes a comeback alongside cloud.
Mar 17, 2026
Check Point Research
16th March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 16th March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES United States-based medical technology company Stryker has suffered a cyberattack that caused a global disruption to its environment. The company sai
Mar 16, 2026
WebProNews
The Invisible Saboteur: How Unicode Tricks Are Poisoning Open-Source Code From the Inside Out
Attackers are embedding invisible Unicode characters in open-source code repositories, creating a dangerous supply chain threat where malicious logic hides in plain sight during cod
Mar 14, 2026
Beta News
77 percent of IT teams don’t have full visibility across all their systems
A new report from SolarWinds looks at how IT teams are navigating increasingly fragmented hybrid environments, and in turn, how AI is reshaping modern observability. It finds 77 percent of IT professionals say they have limited visibility across on-prem and cloud environments. In addition 75 percent
Mar 13, 2026
WebProNews
Hacker Breaches FBI, Steals Unredacted Epstein Files in 2026
A hacker breached the FBI's secure systems in late February 2026 via sophisticated phishing, accessing and exfiltrating sensitive Jeffrey Epstein case files, including unredacted do
Mar 11, 2026
WebProNews
Ericsson US Hit by Data Breach After Third-Party Hack Exposes Employee and Customer Information
Ericsson's U.S. division confirmed a data breach exposing employee and customer data, including Social Security numbers, after a third-party vendor was hacked. The incident highligh
Mar 10, 2026
The Record
CISA shortens patch deadline for critical Ivanti, SolarWinds bugs
The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies until Thursday to patch CVE-2025-26399 — a critical vulnerability impacting the popular SolarWinds Web Help Desk.
Mar 10, 2026
SecurityWeek
Recent Ivanti Endpoint Manager Flaw Exploited in Attacks
CISA has added the high-severity authentication bypass vulnerability to its KEV list, along with SolarWinds and Workspace One bugs. The post Recent Ivanti Endpoint Manager Flaw Exploited in Att
Mar 10, 2026
TechBuzz
Mandiant Founder Mandia Raises $190M for AI Security Startup
Kevin Mandia secures massive funding for Armadin after $5.4B Google exit
Mar 10, 2026
Security Affairs
U.S. CISA adds Ivanti EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds EPM, SolarWinds, and Omnissa Workspace One flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple, Rockwell, and Hikvision flaws to its Known Exploited Vulner
Mar 10, 2026
The Hacker News
CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 (CVSS score: 7.5) - A server-side request forge
Mar 10, 2026
The Stack
Help! SolarWinds Web Help Desk is being exploited in the wild again
Someone should probably raise a ticket.
Mar 9, 2026
Infosecurity Magazine
Threat Actor Exploits Flaws and Uses Elastic Cloud SIEM to Manage Stolen Data
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub
Mar 9, 2026
WebProNews
The FBI Is Investigating a Cyberattack on the Federal Surveillance Warrant System
The FBI is investigating unauthorized cyber activity targeting the federal surveillance warrant system tied to FISA court processes. The breach could expose classified intelligence
Mar 7, 2026
WebProNews
AI-Powered Cyberattacks Are Accelerating Faster Than Defenses Can Keep Up — Here’s What Businesses Must Do Now
AI-powered cyberattacks are accelerating as hackers adopt accessible generative AI tools for phishing, deepfakes, and automated exploitation. Businesses face unprecedented threats r
Mar 4, 2026
WebProNews
The 51-Second Threat: How Cyberattackers Are Outrunning Enterprise Defenses Across Asia-Pacific
CrowdStrike's 2025 Global Threat Report reveals APAC cyberattackers now achieve breakout times as fast as 51 seconds, with identity-based intrusions, AI-powered social engineering,
Mar 3, 2026
WebProNews
When the Firewall Vendor Gets Breached: Marquis Software’s Lawsuit Against SonicWall Exposes a Growing Crisis in Cybersecurity Supply Chains
Marquis Software Solutions has sued SonicWall in federal court, alleging the firewall maker's cloud backup breach exposed sensitive configuration data that enabled a ransomware atta
Mar 2, 2026
WebProNews
Hacktivists Breach Homeland Security Systems, Exposing ICE Contract Data in Escalating Digital Standoff
A hacktivist group claims to have breached DHS systems, releasing detailed ICE contract data exposing vendor relationships, surveillance tools, and detention spending. The incident
Mar 2, 2026
Check Point Research
2nd March – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 2nd March, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Wynn Resorts, a United States-based casino and hotel operator, has confirmed that employee data was accessed following an extortion threat linked to S
Mar 2, 2026
GBHackers
CISA Alerts on RESURGE Malware Exploiting Ivanti Connect Secure Zero-Days
The Cybersecurity and Infrastructure Security Agency (CISA) has released a Malware Analysis Report (MAR) detailing a new malware family dubbed RESURGE, which is actively exploiting a zero-day vulnerability in Ivanti Connect Secure devices. According to CISA, RESURGE builds upon the functionality
Mar 2, 2026
February 2026
WebProNews
Inside Google’s Security Playbook: How the Cloud Giant Is Rethinking Cyber Defense From Fundamentals to AI
Google Cloud CISO Phil Venables outlines the company's security strategy spanning zero-trust fundamentals, software supply chain integrity, AI defense, regulatory compliance, and a
Feb 28, 2026
WebProNews
America’s Cyber Shield Is Cracking: Inside the Gutting of CISA Under the Trump Administration
CISA, the federal government's primary cybersecurity agency, faces an existential crisis as Trump administration cuts and layoffs gut its workforce, dismantling election security pr
Feb 25, 2026
watchTowr Labs
Buy A Help Desk, Bundle A Remote Access Solution? (SolarWinds Web Help Desk Pre-Auth RCE Chain(s))
It’s been a while, but we’re back - in time for story time.Gather round, strap in, and prepare for another depressing journey of “all we wanted to do was reproduce an N-day, and here we are with 0-days”.Today, friends, we’re
Feb 25, 2026
SecurityWeek
SolarWinds Patches Four Critical Serv-U Vulnerabilities
The four security defects could be exploited for remote code execution but require administrative privileges. The post SolarWinds Patches Four Critical Serv-U Vulnerabilities appeared first
Feb 25, 2026
GBHackers
Critical SolarWinds Serv-U Vulnerabilities Enable Remote Root Access
SolarWinds has released a critical security update for its Serv-U file transfer software, patching four vulnerabilities that could allow attackers to execute arbitrary code with root-level privileges on affected servers. All four flaws carry a CVSS score of 9.1, placing them squarely in the Criti
Feb 25, 2026
TechRadarTech Media
SolarWinds Serv-U has some critical security flaws, so users should update now or face attack
Four critical flaws were addressed, all of which could lead to remote code execution.
Feb 25, 2026
The Hacker News
SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution
SolarWinds has released updates to address four critical security flaws in its Serv-U file transfer software that, if successfully exploited, could result in remote code execution. The vulnerabilities, all rated 9.1 on the CVSS scoring system, are listed below - CVE-2025-40538 - A broken access con
Feb 25, 2026
CSO Online
New Serv-U bugs extend SolarWinds’ run of high-severity disclosures
Solar
Feb 25, 2026
WebProNews
Inside XCSSET: The Shape-Shifting Mac Malware That Hijacks Your Camera While You Sleep
A new variant of XCSSET malware targets Mac users by hijacking camera and microphone permissions through trusted applications, bypassing Apple's TCC privacy framework. The sophistic
Feb 25, 2026
Security Affairs
SolarWinds patches four critical Serv-U flaws enabling root access
SolarWinds addressed four critical Serv-U vulnerabilities that could let attackers gain root access to unpatched servers. SolarWinds released updates fixing four critical Serv-U vulnerabilities that allow remote code execution, potentially giving attackers full root access on unpatched servers. Serv
Feb 24, 2026
The Register AI-ML
Patch these 4 critical, make-me-root SolarWinds bugs ASAP
SolarWinds + file transfer software = what attackers' dreams are made of If you run SolarWinds’ Serv-U, you should patch promptly. Four critical vulnerabilities in the file transfer software can allow attackers to execute code as root.…
Feb 24, 2026
BleepingComputer
Critical SolarWinds Serv-U flaws offer root access to servers
SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers. [...]
Feb 24, 2026
WebProNews
Sophos Takes Aim at the BYOD Blind Spot With Workspace Protection for Contractors and Guests
Sophos launches Workspace Protection to secure contractor and guest access from unmanaged devices, integrating isolated workspaces with its existing threat detection platform as ent
Feb 24, 2026
WebProNews
Inside KeenAdu: The Android Backdoor Hiding in Plain Sight Across Firmware and Google Play Apps
A newly discovered Android backdoor called KeenAdu has been found embedded in device firmware and Google Play apps, highlighting persistent supply-chain vulnerabilities in the Andro
Feb 23, 2026
WebProNews
Open Source SecurityCon Takes Center Stage at KubeCon Europe 2026 as Cloud-Native Security Becomes a Board-Level Priority
Open Source SecurityCon expands at KubeCon Europe 2026 in London, addressing software supply chain security, EU Cyber Resilience Act compliance, and AI pipeline risks as open-source
Feb 23, 2026
WebProNews
The Quiet Crisis in Cryptographic Engineering: Why Sloppy Code Threatens the Foundations of Digital Security
Trail of Bits argues that cryptographic software suffers from a craftsmanship crisis, where mathematically sound algorithms are undermined by careless implementation, poor API desig
Feb 23, 2026
WebProNews
Inside BinaryAudit: How Quesma Is Tackling the Hidden Risk of Closed-Source Software Dependencies
Quesma launches BinaryAudit, a free tool that analyzes closed-source software binaries to reveal hidden open-source components, known vulnerabilities, and license risks — addressing
Feb 23, 2026
WebProNews
Google’s Next Titan Chip Could Reshape Cloud Security — and Signal a Broader Hardware Ambition
Google is reportedly preparing a next-generation Titan security chip for its cloud infrastructure and consumer devices, with code references suggesting an imminent unveiling that co
Feb 20, 2026
Cybersecurity Dive
The AI world’s ‘connective tissue’ is woefully insecure, Cisco warns
In a new report, the company also said businesses should beware of the &l
Feb 19, 2026
Hackread
Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users
A technical mistake in the popular Chat & Ask AI app has left 300 million private messages from 25 million users exposed online. Discover what happened and how you can protect your personal data when using AI chatbots.
Feb 18, 2026