For providers

Government says hackers compromised a BeyondTrust API key to then access Treasury workstations and steal unclassified documents.

The U.S. Treasury Department was confirmed to have its computers and documents compromised by Chinese state-backed advanced persistent threat hackers in an attack targeted at its BeyondTrust Remote Support software-as-a-service instance just over a week after the BeyondTrust breach was initially reported, reports BleepingComputer.

Microsoft has called on .NET developers to ensure that their apps and developer pipelines no longer use azureedge.net domains amid the impending shutdown of Content Delivery Network provider Edgio, BleepingComputer reports.

ZDNET reports that Microsoft has warned users of a security issue preventing the implementation of upcoming security updates in Windows 11 24H2 instances installed through physical media between early October and early November.

Actively abused security issues newly included by the Cybersecurity and Infrastructure Security Agency to its Known Exploited Vulnerabilities catalog reached 185 this year, compared with 187 in 2023, bringing the total of flaws added by the agency since the catalog's inception over two years ago to 1,238, The Cyber Express reports.

Open-source file archiving software 7-ZIP was noted by its creator Igor Pavlov to not have been impacted by any security issue after verified X user @NSA_Employee39 purportedly leaked a zero-day affecting the archiver that could allegedly be exploited for arbitrary code execution, according to Security Affairs.

Texas has alerted half a dozen companies — including Affinity Solutions, Fifty Technology, HubSpot Inc., LoopMe Limited, Spectrum Mailing Lists, and ZenLeads Inc. — to immediately register to the state's data broker registries to avoid daily fines of at least $100 for each day that they are unregistered, reports The Record, a news site by cybersecurity firm Recorded Future.

CNN reports that the U.S. Supreme Court has been sought by President-elect Donald Trump to delay the implementation of a ban on TikTok poised to be effective just a day prior to his inauguration on Jan. 20.