The Register on MSN

Patch these 4 critical make-me-root SolarWinds bugs ASAP

SolarWinds + file transfer software = what attackers' dreams are made of If you run SolarWinds’ Serv-U, you should patch ...

Critical SolarWinds Serv-U flaws offer root access to servers

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.
SecurityWeek

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Attacks targeting SolarWinds Web Help Desk instances in December 2025 might have exploited recently patched vulnerabilities as zero-days.
CSO Online

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.
CSO Online

SolarWinds WHD zero-days from January are under attack

Analysis of real-world incidents reveals that attackers are chaining multiple flaws to compromise the ticketing and support application.
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
Security Systems News

SEC charges SolarWinds, CISO with fraud and internal control failures

WASHINGTON, D.C. – The Securities and Exchange Commission (SEC) announced charges against software company SolarWinds and its chief information security officer (CISO), Timothy G. Brown, for fraud and ...
CRN

SolarWinds CEO: Attack Was ‘One Of The Most Complex And Sophisticated’ In History

Hackers first accessed SolarWinds in September 2019 and went out of their way to avoid being detected by the company’s software development and build teams, SolarWinds CEO Sudhakar Ramakrishna says.