Attackers exploited vulnerabilities in SolarWinds Web Help Desk to steal high-privilege credentials from various organizations. Microsoft is investigating which specific flaws were used, as multiple recent and old CVEs are in play. Security teams are advised to apply patches and monitor for unauthorized remote management tools.

SolarWinds released patches for three critical vulnerabilities in its Serv-U file transfer solution. One flaw allows attackers with admin privileges to execute arbitrary code, posing significant risks to affected systems. The vulnerabilities are listed in the CISA's Known Exploited Vulnerabilities catalog.