Researchers have linked a malware loader, called CeeLoader, to the threat group behind the SolarWinds supply-chain attack.
Microsoft said that the threat group has used phishing and password-spraying attacks to compromise at least 14 IT service providers this year.
The Nobelium attackers, who are responsible for the SolarWinds intrusion, have been deploying a new backdoor called FoggyWeb in targeted attacks.
A newly identified attack group from China has been discovered exploiting a zero-day vulnerability in the SolarWinds Serv-U FTP products.
The requirement for vendors to provide a software bill of materials for the apps they sell to federal agencies will only address part of the supply chain risk, experts say.