Attacks on unpatched SolarWinds systems continue, and we're now learning of a supply chain attack that started in late January 2021 affecting 29K Codecov customers, as well as a 0day actively attacked affecting customers of PulseSecure VPN. Customers of these 3 services are well known enterprise & government organizations. Two add-on plugins experiencing active attacks: Kaswara Modern WPBakery Page Builder Addons & The Plus Addons for Elementor. Vulnerabilities are patched in Redirection for Contact Form 7.