European telecommunications organization hit by network compromise
Incident
Summary
Hide ▲
Show ▼
A European telecommunications organization suffered a targeted intrusion in the first week of July 2025 after attackers exploited a Citrix NetScaler Gateway appliance for initial access. The compromise created a foothold inside a telecom environment and increased the risk of deeper lateral movement. The intrusion was identified and remediated before escalation.
Related Happenings
Singtel hit by data theft breach
Incident
First: 10.02.2026 00:47
Last: 10.02.2026 00:47
Sources 1
About this happening:
A confirmed **UNC3886** breach of **Singapore’s four largest telcos**—**Singtel, StarHub, M1, and Simba**—created a multi-organization compromise risk across a critical national c...
Singtel hit by data theft breach
IncidentAbout this happening: A confirmed **UNC3886** breach of **Singapore’s four largest telcos**—**Singtel, StarHub, M1, and Simba**—created a multi-organization compromise risk across a critical national c...
Ribbon Communications hit by network compromise
Incident
First: 30.10.2025 14:36
Last: 30.10.2025 14:36
Sources 1
About this happening:
Ribbon Communications disclosed an **unauthorized access** incident against its **IT network**, creating risk around internal systems and customer files. The intrusion was discove...
Ribbon Communications hit by network compromise
IncidentAbout this happening: Ribbon Communications disclosed an **unauthorized access** incident against its **IT network**, creating risk around internal systems and customer files. The intrusion was discove...
RondoDox multivector loader-as-a-service campaign
Campaign
First: 13.10.2025 13:12
Last: 13.10.2025 13:12
Sources 1
About this happening:
The **RondoDox** botnet campaign has expanded into **multivector exploitation** and **loader-as-a-service** distribution, widening risk to **internet-exposed infrastructure** acro...
RondoDox multivector loader-as-a-service campaign
CampaignAbout this happening: The **RondoDox** botnet campaign has expanded into **multivector exploitation** and **loader-as-a-service** distribution, widening risk to **internet-exposed infrastructure** acro...
PRC state-sponsored campaign to gain long-term access to critical infrastructure networks
Campaign
First: 27.08.2025 15:00
Last: 27.08.2025 15:00
Sources 1
About this happening:
**PRC state-sponsored APT actors** are running a **deliberate and sustained campaign** to gain **long-term access** to **critical infrastructure networks worldwide**, increasing r...
PRC state-sponsored campaign to gain long-term access to critical infrastructure networks
CampaignAbout this happening: **PRC state-sponsored APT actors** are running a **deliberate and sustained campaign** to gain **long-term access** to **critical infrastructure networks worldwide**, increasing r...
CISA-led joint cybersecurity advisory on PRC state-sponsored activity
Public Sector Action
First: 27.08.2025 15:00
Last: 27.08.2025 15:00
Sources 1
About this happening:
**CISA** coordinated with **NSA**, **FBI**, and international partners to release a **joint cybersecurity advisory** on **2025-08-27**. The guidance warns of a **deliberate and su...
CISA-led joint cybersecurity advisory on PRC state-sponsored activity
Public Sector ActionAbout this happening: **CISA** coordinated with **NSA**, **FBI**, and international partners to release a **joint cybersecurity advisory** on **2025-08-27**. The guidance warns of a **deliberate and su...
Timeline
-
21.10.2025 10:23 2 articles · 7mo ago
Initial report: European telecommunications organization hit by network compromise
Initial DisclosureIn **the first week of July 2025**, attackers gained **initial access** to a **European telecommunications organization** by exploiting a **Citrix NetScaler Gateway** appliance. That first foothold created an immediate risk of deeper compromise inside a telecom network.
Show sources
- Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network — thehackernews.com — 21.10.2025 10:23
- Hackers Used Snappybee Malware and Citrix Flaw to Breach European Telecom Network — thehackernews.com — 21.10.2025 10:23