A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
German insurance major HanseMerkur has been targeted by the Russia-aligned Dragonforce ransomware gang, which claims to have stolen 97GB of data. The attack on the €3 billion firm highlights the escalating threat of ransomware to the global financial services and insurance sectors.
San Francisco-based AI startup Fieldguide has closed a $75 million Series C funding round led by Goldman Sachs Alternatives' growth equity group, achieving a $700 million post-money valuation. The raise brings total venture funding to $125 million as the firm expands its AI enterprise platform.
A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
Cyber News Centre's cyber update for 6th February 2026: SolarWinds has confirmed active exploitation of a critical vulnerability in its Web Help Desk software, with US authorities ordering federal agencies to patch within three days.
SolarWinds is a major US-based IT management software provider serving more than 300,000 customers worldwide, including government agencies, large corporations, healthcare organizations, and educational institutions across multiple countries including Australia.
Update: A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-40551, is being actively exploited in SolarWinds' Web Help Desk (WHD) software. The flaw, rated 9.8 in severity, is an untrusted data deserialization issue within the AjaxProxy function that allows a remote, unauthenticated attacker to execute operating system commands on an affected server. SolarWinds addressed the vulnerability on January 28 in Web Help Desk version 2026.1. However, evidence of in-the-wild exploitation prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add the CVE to its Known Exploited Vulnerabilities (KEV) catalog on February 3.
CISA issued an urgent directive requiring US federal agencies to apply the patch by February 6, a significantly shortened three-day deadline that underscores the seriousness of the threat.
The vulnerability was discovered by researchers at Horizon3.ai, who noted it was easily exploitable. This incident marks the third time in recent years that a Web Help Desk vulnerability has been added to the KEV catalog, highlighting the platform as a consistent target for threat actors seeking to compromise enterprise IT environments and gain privileged access to sensitive networks and data.
Why it Matters: The active exploitation of this critical SolarWinds flaw poses a significant and immediate risk to Australian organizations. Government agencies, corporations, and educational institutions using the popular Web Help Desk software are exposed to complete system takeover.
The unusually short three-day patching deadline from CISA serves as a stark warning for security teams globally; this is not a routine vulnerability. The historical targeting of Web Help Desk for high-impact attacks means that any unpatched system is a prime candidate for compromise. A successful attack could lead to widespread data breaches, ransomware deployment, and persistent access for state-sponsored actors or cybercriminals.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
German insurance major HanseMerkur has been targeted by the Russia-aligned Dragonforce ransomware gang, which claims to have stolen 97GB of data. The attack on the €3 billion firm highlights the escalating threat of ransomware to the global financial services and insurance sectors.
San Francisco-based AI startup Fieldguide has closed a $75 million Series C funding round led by Goldman Sachs Alternatives' growth equity group, achieving a $700 million post-money valuation. The raise brings total venture funding to $125 million as the firm expands its AI enterprise platform.
Ivanti has confirmed actively exploited, pre‑authentication remote code‑execution flaws in its Endpoint Manager Mobile platform, allowing attackers to hijack internet‑facing MDM servers, push malicious device profiles, and exfiltrate sensitive mobile data at enterprise scale
With 2.5bn active devices, Apple commands an AI footprint unmatched by any model laboratory or cloud provider. The company is converting hardware ubiquity into a competitive moat, bypassing the race for ever-larger models to integrate AI into a distribution network already serving billions.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
