The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added three security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation.
Redmondmag.com

Signed Malware Impersonating Workplace Apps Used To Deploy RMM Backdoors

Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy ...
GovCon Wire

The Cybersecurity Challenges of the Supply Chain: Navigating Risks in a Hyper-Connected, Emerging-Tech World

Chuck Brooks, president of Brooks Consulting International and a GovCon Expert, outlines how emerging tech is reshaping cyber ...
heise online

Patch now! Attacks on SolarWinds Web Help Desk observed again

For the repeated time, attackers have targeted systems with the ticketing software SolarWinds Web Help Desk (WHD). Following successful attacks, it is to be assumed that PCs are fully compromised.
Forbes

After SolarWinds, The CISO Has Become A Steward Of Trust

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. After SolarWinds, the CISO job moved out of the engine room and into the spotlight—where ...
Computer Weekly

SolarWinds RCE bug makes Cisa list as exploitation spreads

A critical vulnerability in SolarWinds’ Web Help Desk service has been added to the US Cybersecurity and Infrastructure Security Agency’s (Cisa) Known Exploited Vulnerabilities (Kev) catalogue as ...
Infosecurity-magazine.com

SolarWinds Web Help Desk Vulnerability Actively Exploited

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by the vendor last week is being actively exploited. The US Cybersecurity and ...
Bleeping Computer

SolarWinds warns of critical Web Help Desk RCE, auth bypass flaws

SolarWinds has released security updates to patch critical authentication bypass and remote command execution vulnerabilities in its Web Help Desk IT help desk software. The authentication bypass ...
CSOonline

SolarWinds, again: Critical RCE bugs reopen old wounds for enterprise security teams

Another round of critical Web Help Desk flaws highlights how SolarWinds’ legacy code and past breaches continue to haunt IT and security leaders. SolarWinds is yet again disclosing security ...
Law

Litigators of the (Past) Week: The SEC Walks Away From Its Case Against SolarWinds, Top Cybersecurity Officer

Late last month, the U.S. Securities and Exchange Commission agreed to dismiss claims that the software company concealed cyber vulnerabilities in the lead-up to the high-profile 2020 Sunburst attack.
JD Supra

SolarWinds dismissed: what the SEC’s U-turn signals for cyber enforcement

The Securities and Exchange Commission’s (SEC) case against SolarWinds and its chief information security officer (CISO), Timothy Brown, ended abruptly on November 20, 2025, when the SEC agreed to ...
American Banker

SolarWinds and CISO cleared as SEC dismisses lawsuit

The Securities and Exchange Commission on Thursday formally dismissed its high-profile civil enforcement action against technology vendor SolarWinds and its chief information security officer, Timothy ...