A critical vulnerability (CVE-2024-28989) in SolarWinds’ Web Help Desk software allowed attackers to decrypt sensitive credentials due to weaknesses in AES-GCM implementation, including static encryption keys and nonce reuse. Patched in version 12.8.5, the flaw enabled practical decryption even without direct access. Organizations are urged to upgrade, restrict backup access, and implement robust key management practices.
Paul floats bipartisan commission amid Affordable Care Act subsidies battle
Sen. Rand Paul (R-Ky.) called on President Trump to appoint a select group of bipartisan senators to a commission tasked with addressing the expiring health
