The United States Treasury Department said it suffered a "major cybersecurity incident" that allowed suspected Chinese threat actors to remotely access some computers and unclassified documents. 
"On December 8, 2024, Treasury was notified by a third-party software service provider, BeyondTrust, that a threat actor had gained access to a key used by the vendor to secure a cloud-based



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/12/chinese-apt-exploits-beyondtrust-api.html