Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how

So many CVEs, so little time Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege ...
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
The Hacker News

Bloody Wolf Targets Uzbekistan, Russia Using NetSupport RAT in Spear-Phishing Campaign

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple ...
SecurityWeek

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Attacks targeting SolarWinds Web Help Desk instances in December 2025 might have exploited recently patched vulnerabilities as zero-days.
Redmondmag.com

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...
Cybernews

Click Fix access broker campaign hits Windows with Python-driven backdoors

Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.
MUO on MSN

I run this one PowerShell script on every Windows install, and it changes everything

It's free and open-source.

Password guessing without AI: How attackers build targeted wordlists

Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success password ...