Attackers exploited vulnerabilities in SolarWinds Web Help Desk to steal high-privilege credentials from various organizations. Microsoft is investigating which specific flaws were used, as multiple recent and old CVEs are in play. Security teams are advised to apply patches and monitor for unauthorized remote management tools.

The article discusses vulnerabilities in Apache Airflow versions before 3.1.6 that can leak sensitive authentication credentials and secrets through logs and user interfaces. Two specific issues allow unauthorized users to access proxy credentials and display sensitive information in the web UI, posing risks to organizations. Immediate upgrades are recommended to mitigate these threats.

The article discusses techniques for extracting credentials from Microsoft Deployment Toolkit (MDT) shares, highlighting the vulnerabilities that can be exploited by red teamers. It provides insights into the methodologies used to access sensitive information and emphasizes the importance of securing MDT configurations against potential threats.