SolarWinds released an updated advisory for the SuperNova malware discovered while investigating the recent supply chain attack. Security experts from Symantec, Palo Alto Networks, and Guidepoint reported that threat actors were planting a.NET web shell dubbed Supernova. The malicious code is a tainted version of the legitimate.NET library app_web_logoimagehandler.ashxx.b6031896.dll included in the SolarWinds Orion software.”]
Source: https://securityaffairs.co/wordpress/112668/security/solarwinds-supernova-malware-advisory.html