VentureBeat

CISA warns of credential theft via SolarWinds and PulseSecure VPN

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More Attackers targeted both the Pulse Secure VPN appliance and the SolarWinds ...
Bleeping Computer

SolarWinds Web Help Desk flaw is now exploited in attacks

CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late ...
CSOonline

Critical SolarWinds flaw finds exploitations in the wild despite available fixes

A security oversight by SolarWinds developers in August allowing remote access to sensitive credentials within its Web Help Desk (WHD) product has found active exploitations in the wild. According to ...
CSOonline

SolarWinds fixes critical developer oversight

SolarWinds has issued a hotfix to patch up a security oversight that could allow remote access to sensitive credentials hardcoded in its Web Help Desk (WHD) product. The vulnerability, tracked as ...
Bleeping Computer

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. Web Help Desk (WHD) is an IT help desk ...
Morning Overview on MSN

Study finds thousands of sites exposed API keys and other credentials

Researchers scanning 10 million webpages have found that nearly 10,000 pages contained live API credentials left in plain ...