Security researchers collecting forensic evidence have said that the previously compromised SolarWinds supply chain has been attacked once more. Minimum details have been gathered about the second attack; however, researchers believe that the second attack is not related to the initial Russian state-funded hacking gang. This group was the one responsible for breaching the SolarWinds network to embed malware in the official Orion app.
In the initial attack, the malware was tagged as Solorigate or Sunburst and sent to the SolarWinds clients as part of the updates for the Orion app. In the second attack, hackers have used Supernova, a .NET web shell too.