Microsoft announced today that the SolarWinds hackers gained access to a limited number of source code repositories. Microsoft’s investigation determined that the accessed code did not contain any credentials. Microsoft states that it is essential to assume a ‘Zero Trust’ philosophy, meaning that organizations should assume that all of their systems are unsafe and create security models based around this premise. Microsoft has previously released an article on Zero Trust principles with recommendations on operating under this philosophy. The report concludes that the hackers could only access a few files for most repositories.
Source: https://www.bleepingcomputer.com/news/microsoft/microsoft-solarwinds-hackers-downloaded-some-azure-exchange-source-code/