home.social

#solarwinds — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #solarwinds, aggregated by home.social.

  1. Gizmodo: The SolarWinds Hack Was More Humiliating for the Government Than We Thought. “The SolarWinds attack in 2020 was a humiliating all-out assault on U.S. government cybersecurity, and it’s likely that one key reason it’s not more famous is that we still know very little about what the hackers achieved. But we now have a few more crumbs to work with, because new revelations from […]

    https://rbfirehose.com/2026/05/25/gizmodo-the-solarwinds-hack-was-more-humiliating-for-the-government-than-we-thought/
  2. Gizmodo: The SolarWinds Hack Was More Humiliating for the Government Than We Thought. “The SolarWinds attack in 2020 was a humiliating all-out assault on U.S. government cybersecurity, and it’s likely that one key reason it’s not more famous is that we still know very little about what the hackers achieved. But we now have a few more crumbs to work with, because new revelations from […]

    https://rbfirehose.com/2026/05/25/gizmodo-the-solarwinds-hack-was-more-humiliating-for-the-government-than-we-thought/
  3. Gizmodo: The SolarWinds Hack Was More Humiliating for the Government Than We Thought. “The SolarWinds attack in 2020 was a humiliating all-out assault on U.S. government cybersecurity, and it’s likely that one key reason it’s not more famous is that we still know very little about what the hackers achieved. But we now have a few more crumbs to work with, because new revelations from […]

    https://rbfirehose.com/2026/05/25/gizmodo-the-solarwinds-hack-was-more-humiliating-for-the-government-than-we-thought/
  4. Gizmodo: The SolarWinds Hack Was More Humiliating for the Government Than We Thought. “The SolarWinds attack in 2020 was a humiliating all-out assault on U.S. government cybersecurity, and it’s likely that one key reason it’s not more famous is that we still know very little about what the hackers achieved. But we now have a few more crumbs to work with, because new revelations from […]

    https://rbfirehose.com/2026/05/25/gizmodo-the-solarwinds-hack-was-more-humiliating-for-the-government-than-we-thought/
  5. Gizmodo: The SolarWinds Hack Was More Humiliating for the Government Than We Thought. “The SolarWinds attack in 2020 was a humiliating all-out assault on U.S. government cybersecurity, and it’s likely that one key reason it’s not more famous is that we still know very little about what the hackers achieved. But we now have a few more crumbs to work with, because new revelations from […]

    https://rbfirehose.com/2026/05/25/gizmodo-the-solarwinds-hack-was-more-humiliating-for-the-government-than-we-thought/
  6. WARNING: A gigantic coronal hole is darkening Uranus! Scientists investigating Uranus have also discovered that it is full of rocks - not just ice. www.livescience.com/space/the-su... #astronomy #nasa #space #earth #sun #solar #moon #science #uranus #sciencesky #solarwinds

    Gigantic 'hole' in the sun wid...

  7. WARNING: A gigantic coronal hole is darkening Uranus! Scientists investigating Uranus have also discovered that it is full of rocks - not just ice. www.livescience.com/space/the-su... #astronomy #nasa #space #earth #sun #solar #moon #science #uranus #sciencesky #solarwinds

    Gigantic 'hole' in the sun wid...

  8. WARNING: A gigantic coronal hole is darkening Uranus! Scientists investigating Uranus have also discovered that it is full of rocks - not just ice. www.livescience.com/space/the-su... #astronomy #nasa #space #earth #sun #solar #moon #science #uranus #sciencesky #solarwinds

    Gigantic 'hole' in the sun wid...

  9. Nachdem es in den letzten Jahren Angriffe auf #Solarwinds oder #Kaseya gab, steht immer stärker auch die #Opensource Community im Fokus von #Cybercrime, indem durch die Kompromittierung einer Maintainer-Identität potenziell Millionen von Entwicklungsumgebungen und CI/CD-Pipelines ebenfalls kompromittiert werden.

    So haben haben Angreifer die #JavaScript-Bibliothek #Axios, eine der meistgenutzten Komponenten moderner Webentwicklung, zeitweise mit #Schadsoftware bestückt:

    it-daily.net/shortnews/npm-bib

  10. On that note, #Windows10 should be forcefully open sourced so that the world can decide wether or not #Micorsoft still gets to screw with the NT kernel and userland - as they are want to do.

    I keep telling people, it's not the flock - but the shepard. Let's not kid ourselves. #SolarWinds is still reeling in my head. "So you spat unverified code into ring 0? Omg".

    The alternative is of course: switch everyone to #Linux, so that #Ableton will port Live and I can leave all this all behind.

  11. On that note, #Windows10 should be forcefully open sourced so that the world can decide wether or not #Micorsoft still gets to screw with the NT kernel and userland - as they are want to do.

    I keep telling people, it's not the flock - but the shepard. Let's not kid ourselves. #SolarWinds is still reeling in my head. "So you spat unverified code into ring 0? Omg".

    The alternative is of course: switch everyone to #Linux, so that #Ableton will port Live and I can leave all this all behind.

  12. On that note, #Windows10 should be forcefully open sourced so that the world can decide wether or not #Micorsoft still gets to screw with the NT kernel and userland - as they are want to do.

    I keep telling people, it's not the flock - but the shepard. Let's not kid ourselves. #SolarWinds is still reeling in my head. "So you spat unverified code into ring 0? Omg".

    The alternative is of course: switch everyone to #Linux, so that #Ableton will port Live and I can leave all this all behind.

  13. On that note, #Windows10 should be forcefully open sourced so that the world can decide wether or not #Micorsoft still gets to screw with the NT kernel and userland - as they are want to do.

    I keep telling people, it's not the flock - but the shepard. Let's not kid ourselves. #SolarWinds is still reeling in my head. "So you spat unverified code into ring 0? Omg".

    The alternative is of course: switch everyone to #Linux, so that #Ableton will port Live and I can leave all this all behind.

  14. On that note, #Windows10 should be forcefully open sourced so that the world can decide wether or not #Micorsoft still gets to screw with the NT kernel and userland - as they are want to do.

    I keep telling people, it's not the flock - but the shepard. Let's not kid ourselves. #SolarWinds is still reeling in my head. "So you spat unverified code into ring 0? Omg".

    The alternative is of course: switch everyone to #Linux, so that #Ableton will port Live and I can leave all this all behind.

  15. Security Advisory Summary:
    SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
    • CVE-2025-40538 – Broken access control → system admin creation + root RCE
    • Two type confusion flaws → root code execution
    • One IDOR vulnerability → elevated execution

    Attack prerequisites:
    High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

    Exposure landscape:
    12K+ internet-facing instances observed (Shodan)
    File transfer platforms remain ransomware-favored entry vectors

    Historical context:
    Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

    Immediate actions:
    - Patch to 15.5.4
    - Audit privileged accounts
    - Review FTP/SFTP exposure
    - Monitor for anomalous admin creation

    Source: bleepingcomputer.com/news/secu

    Follow us for tactical advisories and vulnerability intelligence.

    Comment with your detection or hardening recommendations.

    #Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

  16. Security Advisory Summary:
    SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
    • CVE-2025-40538 – Broken access control → system admin creation + root RCE
    • Two type confusion flaws → root code execution
    • One IDOR vulnerability → elevated execution

    Attack prerequisites:
    High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

    Exposure landscape:
    12K+ internet-facing instances observed (Shodan)
    File transfer platforms remain ransomware-favored entry vectors

    Historical context:
    Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

    Immediate actions:
    - Patch to 15.5.4
    - Audit privileged accounts
    - Review FTP/SFTP exposure
    - Monitor for anomalous admin creation

    Source: bleepingcomputer.com/news/secu

    Follow us for tactical advisories and vulnerability intelligence.

    Comment with your detection or hardening recommendations.

    #Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

  17. Security Advisory Summary:
    SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
    • CVE-2025-40538 – Broken access control → system admin creation + root RCE
    • Two type confusion flaws → root code execution
    • One IDOR vulnerability → elevated execution

    Attack prerequisites:
    High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

    Exposure landscape:
    12K+ internet-facing instances observed (Shodan)
    File transfer platforms remain ransomware-favored entry vectors

    Historical context:
    Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

    Immediate actions:
    - Patch to 15.5.4
    - Audit privileged accounts
    - Review FTP/SFTP exposure
    - Monitor for anomalous admin creation

    Source: bleepingcomputer.com/news/secu

    Follow us for tactical advisories and vulnerability intelligence.

    Comment with your detection or hardening recommendations.

    #Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust

  18. Security Advisory Summary:
    SolarWinds Serv-U 15.5.4 patches four critical vulnerabilities:
    • CVE-2025-40538 – Broken access control → system admin creation + root RCE
    • Two type confusion flaws → root code execution
    • One IDOR vulnerability → elevated execution

    Attack prerequisites:
    High-privileged access required. Exploitation likely via credential compromise or chained privilege escalation.

    Exposure landscape:
    12K+ internet-facing instances observed (Shodan)
    File transfer platforms remain ransomware-favored entry vectors

    Historical context:
    Prior Serv-U CVEs exploited by ransomware groups and state-aligned actors.

    Immediate actions:
    - Patch to 15.5.4
    - Audit privileged accounts
    - Review FTP/SFTP exposure
    - Monitor for anomalous admin creation

    Source: bleepingcomputer.com/news/secu

    Follow us for tactical advisories and vulnerability intelligence.

    Comment with your detection or hardening recommendations.

    #Infosec #SolarWinds #ThreatIntel #CVE2025 #RCE #PrivilegeEscalation #BlueTeam #SecurityEngineering #AttackSurface #ZeroTrust