Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...
Attacks targeting SolarWinds Web Help Desk instances in December 2025 might have exploited recently patched vulnerabilities as zero-days.
We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain ...
Security researchers warn of active attacks on SolarWinds Web Help Desk. Malicious actors are exploiting vulnerabilities to infiltrate systems and then ...
至顶头条 on MSN
SolarWinds Web Help Desk遭利用:攻击者实施远程代码执行多阶段入侵
微软发现攻击者利用互联网暴露的SolarWinds Web Help Desk实例进行多阶段入侵,获得初始访问权限并在组织网络中横向移动。攻击可能利用了最新披露的漏洞或之前已修补的漏洞进行远程代码执行。攻击者成功利用漏洞后,下载Zoho ManageEngine组件建立持久远程控制,枚举敏感域用户,通过DLL侧加载技术窃取凭据,甚至进行DCSync攻击获取密码哈希。
一些您可能无法访问的结果已被隐去。
显示无法访问的结果