SolarWinds Compromise is a threat campaign tracked across 3 threat clusters and 3 intelligence report mentions on ThreatCluster. First observed December 12, 2025; most recent activity June 3, 2026.
The SolarWinds Compromise refers to a high-profile supply-chain intrusion in which attackers breached SolarWinds' Orion software build/update process and inserted a malicious backdoor into legitimate updates, enabling access to thousands of organizations’ networks. Its significance stems from exploiting trusted software delivery to conduct stealthy espionage at scale, prompting a paradigm shift in software supply-chain risk management and incident response.
Adversaries are increasingly leveraging external remote services like VPNs and Citrix to gain unauthorized access to networks. These attacks often involve using valid accounts obtained through credential harvesting or…
On May 20, 2026, The Oncology Institute, Inc. was notified of unauthorized access to its systems by Kroll, a third-party vendor. The incident, confirmed in an SEC filing on May 22, 2026, involved patient data…
Application Security Posture Management (ASPM) has emerged as a critical evolution in application security, addressing the complexities of selecting effective security solutions. Organizations face challenges with…