TechRadar

Solarwinds WHD flaws exploited in attacks targeting servers and credentials

Hackers exploit SolarWinds Web Help Desk flaws CVE-2025-40551 and CVE-2025-26399 Attackers deploy Zoho ManageEngine, Cloudflare tunnels, Velociraptor for persistence and control Campaign ongoing since ...
CSOonline

SolarWinds WHD zero-days from January are under attack

SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security ...
Computer Weekly

Researchers delve inside new SolarWinds RCE attack chain

Researchers at Huntress Security have published data on the exploitation of a critical SolarWinds Web Help Desk (WHD) vulnerability, revealing how in at least three known incidents, attackers ...
Dark Reading

SolarWinds WHD Attacks Highlight Risks of Exposed Apps

Threat actors are pouncing on new vulnerabilities in SolarWinds Web Help Desk (WHD), further illustrating the risks of applications exposed to the public Internet. SolarWinds WHD is an IT support and ...
Redmond Magazine

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft observed active exploitation of internet-exposed SolarWinds Web Help Desk vulnerabilities enabling lateral movement. Attackers abused legitimate tools, PowerShell, and RMM software to ...
theregister

Someone's attacking SolarWinds WHD to steal high‑privilege credentials - but we don't know who or how

Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege credentials, according to ...
SecurityWeek

Recent SolarWinds Flaws Potentially Exploited as Zero-Days

Vulnerable SolarWinds Web Help Desk instances were exploited in December 2025 for initial access. Attacks targeting internet-accessible SolarWinds Web Help Desk (WHD) instances for initial access may ...
cybernews

Another active exploitation of SolarWinds Web Help Desk detected

Active exploitation of newly disclosed SolarWinds Web Help Desk vulnerabilities is underway, with attackers rapidly weaponizing internet-exposed instances for remote code execution and follow-on ...
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

The US cybersecurity agency CISA on Thursday warned that recently disclosed SolarWinds, Notepad++, and Apple vulnerabilities have been exploited in the wild. Tracked as CVE-2025-40536 (CVSS score of 8 ...
Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk (WHD) instances to get an initial foothold and then ...
techzine

Attackers exploit SolarWinds vulnerability to deploy ransomware

Security researchers warn of active attacks on SolarWinds Web Help Desk. Malicious actors are exploiting vulnerabilities to infiltrate systems and then deploy forensic tools as command-and-control ...
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move ...