CISA is tracking a significant cyber incident impacting enterprise networks across federal, state, and local governments, as well as critical infrastructure entities and private sector organizations. An advanced persistent threat (APT) actor compromised the SolarWinds Orion software supply chain and is abusing commonly used authentication mechanisms. If left unchecked, this threat actor has the resources, patience, and expertise to resist eviction from compromised networks and continue to hold affected organizations at risk. CISA urges organizations to prioritize measures to identify and address this threat. For details, review the related CISA Alert, which CISA will update as information becomes available.