An authentication bypass vulnerability in the SolarWinds Orion software may have been leveraged by adversaries as a zero-day to deploy the SUPERNova malware in target environments. Microsoft disclosed that a second threat actor might have been abusing SolarWind’s Orion software to drop an additional piece of malware called SUPERNOVA on target systems. The development comes as government agencies and cybersecurity experts are working to understand the full consequences of the hack and piece together the global intrusion campaign that has potentially ensnared 18,000 of Solarwinds’ customers.
Source: https://thehackernews.com/2020/12/a-new-solarwinds-flaw-likely-had-let.html