A critical vulnerability (CVE-2024-28989) in SolarWinds’ Web Help Desk software allowed attackers to decrypt sensitive credentials due to weaknesses in AES-GCM implementation, including static encryption keys and nonce reuse. Patched in version 12.8.5, the flaw enabled practical decryption even without direct access. Organizations are urged to upgrade, restrict backup access, and implement robust key management practices.

'Cyber incident' impacting DuPage County Sheriff's Office, DuPage County Courthouse: officials – ABC7 Chicago
A cyber incident has affected the DuPage County Sheriff’s Office and the DuPage County Courthouse, according to officials. The incident is currently under investigation, impacting