Microsoft says threat actor behind SolarWinds supply chain hack targeted government agencies, think tanks, consultants, and non-governmental organizations. Microsoft attributed the ongoing intrusions to the Russian threat actor it tracks as Nobelium. The attacks leveraged a legitimate mass-mailing service called Constant Contact to conceal its malicious activity and masquerade as USAID, a U.S.-based development organization, for a wide-scale phishing campaign that distributed phishing emails to a variety of organizations and industry verticals.
Source: https://thehackernews.com/2021/05/solarwinds-hackers-target-think-tanks.html