Security news aggregator

Latest coverage for Salt Typhoon

Coverage examines reports on Salt Typhoon, an alleged intrusion set, including infrastructure, disruption, and defensive guidance.

112 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Salt Typhoon is a name used by security researchers and government agencies for a suspected intrusion set linked in public reporting to compromises of telecommunications and other communications infrastructure. Reported incidents have involved access to provider networks and systems that could expose subscriber information, call-detail records, or communications-related data; the scope and attribution of individual cases remain subject to investigation.

The main security concern is prolonged access to high-value network environments, including internet-facing appliances, administrative systems, and monitoring or lawful-intercept infrastructure. Telecommunications operators and connected organizations should inventory and promptly patch exposed devices, restrict management access, enforce multifactor authentication, segment sensitive systems, rotate potentially exposed credentials, and retain authentication and network telemetry for threat hunting. Investigations should examine persistence and lateral movement rather than treating removal of one account or device as sufficient. Because communications data is highly sensitive, suspected access also warrants careful privacy assessment, evidence preservation, and coordination with applicable disclosure and regulatory processes.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 112
Bank Info Security 5 months, 1 week ago

Norway Says Salt Typhoon Hackers Hit Vulnerable Systems

Security Service Says China-Linked Actor Compromised Vulnerable Network DevicesNorway's security service confirmed it was targeted by the China-linked Salt Typhoon campaign, marking one of Europe’s clearest public acknowledgements that the cyberespionage operation extended beyond U.S. telecom and federal networks into allied infrastructure.

Staff Working on China, Intel, Military Oversight Targeted in Espionage OperationU.S. officials are probing a suspected Chinese cyber campaign tied to Salt Typhoon that breached congressional staff email systems supporting national security committees, exposing sensitive discussions and raising concerns about unclassified federal network defenses.

Months after China-linked spies burrowed into US networks, regulator tears up its own response The Federal Communications Commission (FCC) has scrapped a set of telecom cybersecurity rules introduced after the Salt Typhoon espionage campaign, reversing course on measures designed to stop state-backed snoops from slipping back into America's networks.…

Regulator sides with telcos that claimed new cybersecurity duties were too ‘burdensome’ The Federal Communications Commission (FCC) will vote this week on whether to scrap Biden-era cybersecurity rules, enacted after the Salt Typhoon attacks came to light in 2024, that required telecom carriers to adopt basic security controls.…

Bank Info Security 8 months, 3 weeks ago

Salt Typhoon Targets European Telecom

Attack Began With Citrix NetScaler Gateway Compromise, Darktrace SaidThe Chinese cyberespionage hackers commonly tracked as Salt Typhoon haven't stopped their campaign against global telecoms, says managed threat detection firm Darktrace. The group has made telecoms and other digital infrastructure a primary target.

The China-linked advanced persistent threat (APT) actor known as Salt Typhoon has continued its attacks targeting networks across the world, including organizations in the telecommunications, government, transportation, lodging, and military infrastructure sectors

Loading more headlines...