Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.
Capitol Hill Seattle

911 | Monday school lockdowns, Super Bowl 911, and six busted in Capitol Hill Safeway ‘retail theft operation’

See something others should know about? Email CHS or call/txt (206) 399-5959. You can view recent CHS 911 coverage here. Hear sirens and wondering what’s going on? Check out reports ...
InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
Redmondmag.com

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...