BeyondTrust breach impacted 17 SaaS customers via compromised API key linked to Silk Typhoon; U.S. Treasury affected.

The US Cybersecurity and Infrastructure Security Agency (CISA) has added to its catalog of known exploited vulnerabilities a second vulnerability by BeyondTrust, which was patched in December.

CISA added two bugs found in BeyondTrust products Both were seen in the wild in December 2024 Federal agencies have until February 3, 2025 to patch up The US Cybersecurity and Infrastructure ...

CISA has tagged a command injection vulnerability (CVE-2024-12686) in BeyondTrust's Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks. As mandated by the ...

The U.S. cyber watchdog agency CISA said on Monday there was "no indication" the ... had been compromised by Chinese hackers following a breach at contractor BeyondTrust, which provides cybersecurity ...

CISA in December added CVE-2024-12356 to its KEV catalog. BeyondTrust also identified that command injection vulnerability during its investigation of the attack spree. That vulnerability has a ...

CISA said in a statement Monday that it is “working closely” with both the Treasury and BeyondTrust to “understand and mitigate the impacts” of the breach. “The security of federal ...

CISA said it is working closely with officials at the Treasury Department and BeyondTrust to fully mitigate and understand the impact of the attack, which has been attributed to threat actors ...

The US Cybersecurity and Infrastructure Security Agency (CISA) has added two recently-discovered BeyondTrust bugs to its Known Exploited Vulnerabilities (KEV) catalog. The move means CISA has seen ...

The U.S. cyber watchdog agency CISA said on Monday there was "no ... by Chinese hackers following a breach at contractor BeyondTrust, which provides cybersecurity services.