Hackers getting in via NPM maybe

Parents Reply
  • I'm kind of astounded that no official message - even just of acknowledgement - has been sent by Solarwinds to customers. Also, what rumors are you referring to? I haven't even seen an official list of affected products/versions. The article seems to indicate that something was piggybacked on update requests during a certain timeframe. Without more info, it's hard to do anything more refined than shut down the platform or remove all write privilege to service accounts.

Children