Chinese-Linked Cyber Group Exploits Citrix Vulnerability in Global Espionage Campaign
A China-based hacking collective known as Salt Typhoon has been identified exploiting a Citrix NetScaler Gateway vulnerability in a sophisticated global cyber-espionage operation. The group used advanced techniques including DLL sideloading and custom malware to maintain persistent access to victim networks. Security analysts warn the campaign demonstrates evolving threats to critical infrastructure sectors worldwide.
Sophisticated Cyber Espionage Campaign Uncovered
Security researchers have identified a widespread cyber intrusion campaign linked to the China-based threat actor Salt Typhoon, according to reports from cybersecurity firm Darktrace. The operation involves exploitation of a Citrix NetScaler Gateway vulnerability to gain initial access to target networks, with victims spanning telecommunications, energy and government sectors across more than 80 countries.