US agencies told to patch by Friday Attackers are exploiting a critical SolarWinds Web Help Desk bug - less than a week after ...

A critical vulnerability in SolarWinds Web Help Desk is facing exploitation activity, about a week after the security flaw ...

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...

The CVE has a CVSS score of 9.8 as it could allow unauthenticated adversaries to gain admin-level access to help-desk systems ...

A US security agency has warned SolarWinds Web Help Desk users that a remote code execution (RCE) vulnerability patched by ...

CISA warns of recently observed attacks on security vulnerabilities in Solarwinds Web Help Desk, FreePBX and Gitlab.

CVE-2025-40551是SolarWinds在1月底公告中披露的六个常见漏洞和暴露（CVE）之一。该漏洞源于通用弱点枚举（CWE）502——不可信数据的反序列化，如果不及时修补，攻击者可以在目标系统上实现远程代码执行（RCE）。

美国网络安全和基础设施安全局(CISA)周二将影响SolarWinds Web Help Desk的严重安全漏洞添加到已知被利用漏洞目录中，标记为正在被攻击中积极利用。该漏洞编号CVE-2025-40551，评分9.8分，属于不可信数据反序列化漏洞，可能导致远程代码执行。CISA表示，攻击者可在无需身份验证的情况下利用此漏洞在主机上运行命令。

CISA warns that a fresh critical-severity SolarWinds vulnerability leading to unauthenticated RCE has been exploited in attacks.

Exploitation of CVE-2025-40551, an RCE flaw affecting SolarWinds Web Help Desk, appears to be spreading, and defenders are on high alert.

In today’s 2-Minute Tech Briefing, Amazon confirms 16,000 job cuts, giving U.S. staff 90 days to find internal roles.