Solarwinds News Articles
Recent news articles refferecing the vendors vulnerabilities.
CISA orders federal agencies to patch exploited SolarWinds, Apple, Microsoft bugs within weeks
The Cybersecurity and Infrastructure Security Agency (CISA) added ten new vulnerabilities to its catalog of exploited bugs this week, forcing all federal civilian agencies to resolve the issues by the first week of March.
2 weeks ago
Researchers Observe In-the-Wild Exploitation of BeyondTrust CVSS 9.9 Vulnerability
Active exploitation of BeyondTrust enables unauthenticated RCE as CISA adds Apple, Microsoft, SolarWinds, and Notepad++ flaws to KEV list.
2 weeks ago
CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities
CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
2 weeks ago
SolarWinds WHD Attacks Highlight Dangers of Exposed Apps
Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime targets for attackers.
3 weeks ago
The Hacker NewsCVE-2025-40551SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers
Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
3 weeks ago
The Hacker NewsCVE-2025-40551CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026.
4 weeks ago
CISA flags critical SolarWinds RCE flaw as exploited in attacks
CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days.
4 weeks ago
SolarWinds releases third patch to fix Web Help Desk RCE bug
SolarWinds has released a hotfix for a critical a critical vulnerability in Web Help Desk that allows remote code execution (RCE) without authentication.
The Hacker NewsCVE-2025-26399SolarWinds Releases Hotfix for Critical CVE-2025-26399 Remote Code Execution Flaw
SolarWinds fixes CVE-2025-26399, a 9.8 CVSS patch bypass of CVE-2024-28988, preventing remote code execution.
CISA Flags Critical SolarWinds Web Help Desk Bug for In-the-Wild Exploitation
CISA warns that a critical-severity hardcoded credentials vulnerability in SolarWinds Web Help Desk is exploited in attacks.
Week in review: Windows Server 2025 gets hotpatching option, PoC for SolarWinds WHD flaw released - Help Net Security
Hereβs an overview of some of last weekβs most interesting news, articles, interviews and videos: Windows Server 2025 gets hotpatching option, without
Help Net SecurityCVE-2024-28987PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) - Help Net Security
Details about and PoC exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability, are now public.
Security AffairsCVE-2024-28991SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager
SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager.
Security AffairsCVE-2024-28991SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager
SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager.
SolarWinds Patches Critical Vulnerability in Access Rights Manager
SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.
Patch Now: Second SolarWinds Critical Bug in Web Help Desk
The disclosure of CVE-2024-28987 means that, in two weeks, there have been two critical bugs and corresponding patches for SolarWinds' less-often-discussed IT help desk software.
SolarWinds issues update to fix hardcoded vulnerability in Web Help Desk software
The security flaw, tracked as CVE-2024-28987, received a 9.1 severity rating in the Common Vulnerability Scoring System. The security blunder affects Web Help Desk 12.8.3 HF1 and its previous versions, and users are encouraged to manually install the 12.8.3 HF2 to potentially remove the baked-in cre...
Help Net SecurityCVE-2024-28987Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987) - Help Net Security
SolarWinds has released a hotfix for yet another critical flaw (CVE-2024-28987) in its Web Help Desk solution.
The Hacker NewsCVE-2024-28987Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk
SolarWinds issues an urgent patch for a critical Web Help Desk vulnerability. Update now to protect against unauthorized remote access.
SolarWinds fixes hardcoded credentials flaw in Web Help Desk
SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials.
CybersecurityNewsSolarWinds Web Help Desk RCE Vulnerability Allows Remote Exploitation β Hotfix Released
SolarWinds has released a critical hotfix addressing multiple vulnerabilities in its Web Help Desk (WHD) software.
CyberInsiderCVE-2024-28986CISA: New SolarWinds Vulnerability Actively Exploited in the Wild
CISA has issued an urgent warning regarding active exploitation of a critical vulnerability in SolarWinds Web Help Desk.
CISA warns critical SolarWinds RCE bug is exploited in attacks
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support.
Help Net SecurityCVE-2024-28986Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) - Help Net Security
SolarWinds fixed a vulnerability (CVE-2024-28986) in its Web Help Desk solution that may allow attackers to run commands on the host machine.
www.thehackerwire.comMohamed Nabil Ali
Estimated read time 2 min read ServiceNow has patched three critical security vulnerabilities that could have allowed remote hackers to expose and access to sensitive data and execute malicious code on...