Bleeping Computer

SolarWinds Web Help Desk flaw is now exploited in attacks

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ...
CSOonline

Critical SolarWinds flaw finds exploitations in the wild despite available fixes

A security oversight by SolarWinds developers in August allowing remote access to sensitive credentials within its Web Help Desk (WHD) product has found active exploitations in the wild. According to ...
ZDNet

SolarWinds security fiasco may have started with simple password blunders

You can't make this stuff up. A Goldin Solutions representative, a crisis-response PR firm, now claims, however, that SolarWinds has "determined that the credentials ...