China-Linked Salt Typhoon breaches European Telecom via Citrix exploit

By Pierluigi Paganini
Publication Date: 2025-10-21 11:27:00

China-linked Salt Typhoon hacked a European telecom in July 2025 via a Citrix NetScaler Gateway exploit for initial access.

A European telecom firm was targeted in July 2025 by the China-linked APT group Salt Typhoon (also known as Earth Estries, FamousSparrow, GhostEmperor, UNC5807, RedMike), which exploited a Citrix NetScaler Gateway to gain initial access.

In late 2024, a large-scale Chinese cyberespionage campaign targeting global telecoms was exposed and attributed by the US to the state-backed group Salt Typhoon.

In December 2024, President Biden’s deputy national security adviser Anne Neuberger said that China-linked APT group Salt Typhoon breached telecommunications companies in dozens of countries.

The Wall Street Journal reported that the senior White House official revealed that at least…