Sean Lyngaas reports:
Microsoft revealed that a second hacking group had deployed malicious code that affects software made by SolarWinds, the federal contractor at the center of a suspected Russian espionage campaign against multiple U.S. government agencies.
“[T]he investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor,” a Microsoft research team said in a blog post on Friday.
Read more on CyberScoop.