In April 2021 the UK and US governments attributed the compromise of SolarWinds and the targeting of COVID-19 vaccine developers to  SVR  cyber actors (most known are APT29, Cozy Bear, and the Dukes).  The FBI, Department of Homeland Security  and CISA also issued a joint report providing information on the SVR's cyber tools, targets, techniques, and capabilities. 
In response to this joint report  SVR cyber operators seems to have reacted  by changing their tactics  in an attempt to avoid further detection and remediation efforts by network defenders. The Advisory published by the UK National Cybersecurity Center summarizes the main changes, including the deployment of the open-source tool Sliver to maintain access to previously developed malware, as well as use of most recently the widely reported Microsoft Exchange vulnerabilities.