Huntress Labs Identify SolarWinds Cybersecurity Vulnerability

Trending News

CIT Issues IEEPA Order: Why Importers Should Still File Individual Actions

CIT Suspends Prior Order Requiring Immediate Refunds of IEEPA Duties

DOL Publishes Proposed Rule to Rescind the 2024 Biden-Era Independent Contractor Test

CIT Orders Refund of IEEPA Duties on “Any and All” Unliquidated Entries

Trademarks and Copyrights at the 2026 Milano Cortina Olympic Winter Games

Court of International Trade Orders Reliquidation of IEEPA Tariff Duties: What Importers Should Do Now

FTC Issues COPPA Enforcement Policy Statement Promoting Age-Verification Technology

What Employers Need to Know about New DOL Changes to Independent Contractor Rule

Turning the Page: New NLRB General Counsel Signals Changes for Employers from Aggressive Litigation Priorities and Investigatory Tactics (US)

State Department Issues Worldwide Caution: What Visa Applicants and US Travelers Need to Know

Linn F. Freedman

Email

401-709-3353

Bio and Articles

Find Your Next Job !

Legal Counsel, Property & Casualty - Hybrid

Paralegal (CVS Health)

Insurance Defense & Civil Litigation Attorney

Explore More Job Openings

SolarWinds Web Help Desk Vulnerability Targeted by Threat Actors

by: Linn F. Freedman , Robinson & Cole LLP - Data Privacy + Security Insider

Thursday, February 12, 2026

Print Mail Download info_icon_img

info_icon_img

Security researchers at Huntress Labs have identified a vulnerability in SolarWinds’s Web Help Desk that threat actors are exploiting to allow them to execute code remotely.

The vulnerability was listed on the Cybersecurity and Infrastructure Security Agency’s known exploited vulnerabilities last week, and SolarWinds issued a warning, classifying it as a “critical severity” for users to patch the vulnerability. According to SolarWinds, the vulnerability “could lead to remote code execution, which would allow an attacker to run commands on the host machine. This could be exploited without authentication.”

SolarWinds has provided indicators of compromise, suspicious IPs, and the software release, which security professionals should review and update.

Huntress Labs has identified three exploited customers, and Cybersecurity Dive reports that Shadowserver has found 150 instances of compromise. Huntress Labs researchers “believe a threat group tracked as Storn-2603 is behind the attacks.”

If your organization uses SolarWinds’s Web Help, patching the vulnerability should be a priority.

Current Public Notices

Post Your Public Notice Today!

PUBLIC NOTICE OF UCC SALE: ONYX SWNG TIC 1 LLC

Published: 9 March, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Healthcare Co. Ltd.

Published: 4 March, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: CCBC West, LLC –Certain Craft Brewery and Taproom Assets

Published: 3 March, 2026

PUBLIC NOTICE OF UCC ARTICLE 9: Vintec Industries, Inc.

Published: 2 March, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE: Bloomsbury Development, LLC

Published: 25 February, 2026

PUBLIC NOTICE OF UCC ARTICLE 9 SALE OF: CERTAIN PERSONAL PROPERTY COLLATERAL OF PASTORELLI FOOD PRODUCTS, INC.

Published: 24 February, 2026

Discover more public notices

Current Legal Analysis

New York’s Public Campaign Finance Program and the Requirement to Debate

by: Joseph T. Burns

Episode 58- Withdrawal Liability “Cheat Codes”- Section 4204 [Podcast]

by: Neil V. Shah , Robert M Projansky

SEC Grants Section 16(a) Reporting Exemptions for Directors and Officers of Certain Foreign Private Issuers

by: Paul W. Kisslinger

NLRB and DOL Take Action on Joint Employer and Independent Contractor Rules [Podcast]

by: George Carroll Whipple, III

Iran Conflict Could Cause Surge in Military Leave Requests

by: James A. Patton , Kimberly S. Davis

More from Robinson & Cole LLP

Privacy Tip #482 – ShinyHunters Hits Wynn Resorts

by: Linn F. Freedman

A Compliance Wave Is Coming: Data Brokers Brace for DROP Deletion Requests Under the Delete Act

by: Kathryn M. Rattigan

The Fifth Circuit Says You Can’t Write “Written” into the TCPA

Darktrace Issues Annual Threat Report

by: Linn F. Freedman

Hospitals + Critical Infrastructure Organizations on Alert During Iran Conflict

by: Linn F. Freedman

Massachusetts HPC Proposes to Update Material Change Reporting Requirements to Align with Newly Expanded Oversight Authority

by: Conor O. Duffy , Yelena (Lena) Greenberg

The Release Report #10: The RBCRs Are Here! [video]

by: Emilee Mooney Scott

Nasdaq Implements Accelerated Delisting for Securities Trading Below $0.10 for Ten Consecutive Trading Days

by: Er (Arila) Zhou , Anna Jinhua Wang

Nasdaq Proposes Raising the Continued Listing Market Value Requirement to $5 Million

by: Er (Arila) Zhou , Anna Jinhua Wang

New Insider Reporting Requirements for Foreign Private Issuers Under the Holding Foreign Insiders Accountable Act

by: Er (Arila) Zhou , Anna Jinhua Wang

Privacy Tip #481 – Threat Actors Continue to Use Data from Old Breaches

by: Linn F. Freedman

Using Trademarks to Protect IP from AI

by: Daniel J. Lass

DJI vs. the FCC: What the “Covered List” Could Mean for Drone Operators and Manufacturers

by: Kathryn M. Rattigan

Figure Lending Class Action Highlights a Familiar Threat

Swiped Right, Hacked Hard: Bumble Faces Class Action Over Data Breach

by: Kathryn M. Rattigan

Upcoming Events

Mar

5-8

2026

NH Liberty Forum 2026

Mar

11

2026

Labor and Employment Update for Employers - March 2026

Mar

13

2026

Part 5 | Texas Edition: 2026 Medical Staff Virtual Conference

Mar

19

2026

Long Island Workplace Law Breakfast Series: Misconduct Matters: Conducting Workplace Investigations and Responding to Misconduct

Print