Bitcoin ATMs sold by General Bytes were exploited using an unknown 0-day bug that allowed hackers to steal 56 BTC valued at approximately $1.5 million dollars.
A malicious Java application was somehow uploaded to the ATMs which allowed the attackers to drain various hot wallets. The vulnerability was patched by General Bytes 15 hours after they learned of it.