Salt Typhoon Cyber-Attack
A China-linked group, Salt Typhoon, has been identified by cybersecurity researchers for a cyber intrusion targeting global infrastructure.
The operation, observed by Darktrace, exploited a Citrix NetScaler Gateway vulnerability using advanced methods such as DLL sideloading and zero-day exploits.
About Salt Typhoon
Salt Typhoon, also known as Earth Estries, GhostEmperor and UNC2286, has been active since at least 2019, targeting critical sectors including telecommunications, energy and government systems across over 80 countries.
- Telecommunications
- Energy
- Government systems
The group's activities have been observed in the United States, Europe, the Middle East, and Africa.
No comment from the group or associated parties has been reported.
Author's summary: Salt Typhoon group targets global infrastructure using Citrix flaw.
More News
- Argentina Midterm Elections: Results and Who Won This 2025
- FrieslandCampina-Milcobel merger approved by European Commission
- Letter to the Editor: Reinstate Tom Hayes
- This Handy Ridgid Tool Turns A Regular Drill Into A Drain Snake - SlashGear
- Rethinking Highest Possible Ambition
- Organic waste: An untapped solution to Nigeria’s methane contamination - EnviroNews - latest environment news, climate change, renewable energy
- Resistance and Repression: From ‘No Kings’ Rallies to Right-Wing Hate and Venezuela Threats | KPFA