Malwarebytes said it was breached by the same group who broke into SolarWinds to access some of its internal emails. The company said its intrusion was due to a separate initial access vector that works by “abusing applications with privileged access to Microsoft Office 365 and Azure environments” The discovery was made after Microsoft notified the company of suspicious activity from a dormant email protection app within its Office 365 tenant on December 15. The intrusion is the fourth major cybersecurity vendor to be targeted after FireEye, Microsoft, and CrowdStrike.
Source: https://thehackernews.com/2021/01/solarwinds-hackers-also-breached.html