The Hacker News2d
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.
Bleeping Computer21d
CISA orders agencies to patch BeyondTrust bug exploited in attacks
While BeyondTrust's December disclosure didn't explicitly mention it, the threat actors likely leveraged the two flaws as zero days to hack into BeyondTrust systems to reach its customers.
TechRadar21d
CISA tells agencies to patch BeyondTrust bug now
The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to ... Exchange Server ProxyLogon zero-days. Silk Typhoon is a part of a wider ...
SecurityWeek21d
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks
In early December 2024, BeyondTrust discovered that hackers had been using a compromised API key for a remote access service to target several customers, and announced that a critical zero-day ...
Cybersecurity Experts Explain Why China's Alleged U.S. Treasury Hack Is a Big Deal
The alleged cyberattack on the US Treasury is significant because it demonstrates Chinese capabilities to bypass US Treasury cyber defenses. As the financial governing and regulatory body, the US ...
Hosted on MSN20d
CISA tells agencies to patch BeyondTrust bug now
CISA added two bugs found in BeyondTrust products Both were seen ... in early 2021 using Microsoft Exchange Server ProxyLogon zero-days. Silk Typhoon is a part of a wider network of “Typhoon ...
Security Boulevard20d
What We Know So Far about CyberHaven and Other Chrome Extension Attacks
36 different browser extensions compromised through consent phishing Up to 2.6 million users potentially affected Multiple high-profile security and AI tool browser extensions were impacted Given the ...