{"uuid": "204a9d18-86aa-4554-b45c-4c5958c5114a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12356", "type": "exploited", "source": "https://t.me/thehackernews/6100", "content": "\ud83d\udea8 Suspected Chinese state-sponsored hackers breached the U.S. Treasury via a compromised API key from BeyondTrust, a third-party vendor. \n \n\ud83d\udca1 Here\u2019s what happened: \n\u00bb Attackers gained access to a key securing BeyondTrust\u2019s cloud-based remote support service. \n\u00bb They bypassed security to remotely access Treasury workstations and unclassified documents. \n\u00bb CVE-2024-12356, a critical vulnerability (CVSS 9.8), was actively exploited. \n \n\u27a1\ufe0f Read More: https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html", "creation_timestamp": "2024-12-31T06:46:44.000000Z"}