Threat Post

Second SolarWinds Attack Group Breaks into USDA Payroll — Report

A second APT, potentially linked to the Chinese government, could be behind the Supernova malware. There had been hints that a second group of malicious actors may have exploited a SolarWinds bug to ...
ZDNet

CISA updates SolarWinds guidance, tells US govt agencies to update right away

The US Cybersecurity and Infrastructure Security Agency has updated its official guidance for dealing with the fallout from the SolarWinds supply chain attack. In an update posted late last night, ...
Dark Reading

Risk 'Comparable' to SolarWinds Incident Lurks in Popular Software Update Tool

Researchers have discovered a supply chain risk in a popular installer authoring tool, which they've described as potentially leading to cyberattacks "comparable in scope to supply chain incidents ...