SecurityWeek

SolarWinds Patches Four Critical Serv-U Vulnerabilities

SolarWinds has patched four critical-severity remote code execution vulnerabilities in the Serv-U enterprise file transfer product.
The Hacker News

SolarWinds Patches 4 Critical Serv-U 15.5 Flaws Allowing Root Code Execution

SolarWinds fixes four critical CVSS 9.1 vulnerabilities in Serv-U 15.5 that could allow root code execution with administrative privileges.
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

Critical SolarWinds Serv-U flaws offer root access to servers

SolarWinds has patched four critical Serv-U remote code execution vulnerabilities that could grant attackers root access to unpatched servers.

Patch these 4 critical, make-me-root SolarWinds bugs ASAP

SolarWinds + file transfer software = what attackers' dreams are made of If you run SolarWinds’ Serv-U, you should patch ...
HHS

Was JetBrains Tool an Infection Vector for SolarWinds Hack?

Reacting to news reports claiming hackers may have used Czech software firm JetBrains’ TeamCity tool as an initial infection vector during the attack against SolarWinds, JetBrains CEO Maxim Shafirov ...
Security Boulevard

The Seam in Cybersecurity Defenses That Nation-States Keep Exploiting

The Notepad++ supply chain compromise is the latest proof that sophisticated adversaries are deliberately targeting the gap between two disciplines: Vulnerability management and detection and response ...
CSO Online

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.