BeyondTrust says it spotted an attack in early December 2024
It found some of its Remote Support SaaS instances were compromised
It also found and patched two zero-day flaws
BeyondTrust has confirmed it recently suffered a cyberattack after spotting “anomalous behavior” on its network and uncovering some of its Remote Support SaaS instances were compromised.
In an announcement published on its website, the company, which provides Privileged Access Management (PAM) and secure remote access solutions, said a subsequent investigation uncovered that the threat actors accessed a Remote Support SaaS API key, which they used to reset local app account passwords.