Confidential threat intelligence sharing could help prevent the next large-scale intrusions, tech executives say.
Microsoft said the SolarWinds hackers were able to view and download some source code components for Azure, Exchange, and Intune.
SolarWinds has fixed two newly discovered bug in Orion, one of which can lead to remote code execution.
A piece of malware called Raindrop has been found in some networks compromised by the SolarWinds attackers.
CISA has found several initial access vectors used by the SolarWinds attackers, including abusing legitimate accounts and forging SAML tokens.