Cyberesso
Posts
China’s “Salt Typhoon” Ran a Secret Global Hack for Years

China’s “Salt Typhoon” Ran a Secret Global Hack for Years

Investigators say the state-backed group infiltrated critical infrastructure from telecom hubs to defense networks and stayed hidden since 2021.

September 05, 2025

In partnership with

Become the go-to AI expert in 30 days

AI keeps coming up at work, but you still don't get it?

That's exactly why 1M+ professionals working at Google, Meta, and OpenAI read Superhuman AI daily.

Here's what you get:

Daily AI news that matters for your career - Filtered from 1000s of sources so you know what affects your industry.
Step-by-step tutorials you can use immediately - Real prompts and workflows that solve actual business problems.
New AI tools tested and reviewed - We try everything to deliver tools that drive real results.
All in just 3 minutes a day

Join 1M+ pros

👋Hey there, cyber explorer!

Welcome to the very first edition of Cyberesso. We’re here to help you navigate the rapidly changing world of AI, cybersecurity, and digital resilience without the jargon and fearmongering. Well, I know well it should a basic dose upfront

Do You Know?

The world’s first computer virus wasn’t built to steal money or spy it was written as a prank. Back in 1986, two brothers in Pakistan created the “Brain” virus to protect their medical software from piracy. Instead of deleting files, it simply displayed their names, addresses, and phone numbers on infected PCs. Imagine today’s ransomware gangs leaving their home address in the code!

🚨 Daily Cyber + AI Watch: What You Need to Know

🕵️ A Silent Operator Called Salt Hid in Plain Sight
☁️ When Azure Access Becomes More Than Just Admin Rights
🗄️ A Social Security Treasure Trove Lands in the Wrong Cloud
⚡ Why OpenAI Is Chasing Gigawatts in Its Next Expansion
📱 When Teens Get AI Advice They Shouldn’t Ever See

🔦 Spotlight Stories

🌐 China’s “Salt Typhoon” Hack Exposed After Years

A new government advisory revealed that Chinese hackers, called Salt Typhoon, quietly broke into global networks for years without being noticed. They slipped in through old flaws in Cisco, Ivanti, and Palo Alto devices and gained access to telecom systems, government agencies, and even a U.S. National Guard unit. Investigators say the campaign has been running since at least 2021, targeting critical infrastructure around the world.

Why It Matters: Everyday routers and firewalls became backdoors for a nation-state. It’s a sharp reminder that unpatched gear isn’t just an IT headache; it can become a doorway into national infrastructure.

Source: SecurityWeek – China’s ‘Salt Typhoon’ Hacked Critical Infrastructure

🔑 Hackers Found a Backdoor to Full Azure Control

Attackers broke into hybrid setups where company servers link with Microsoft Azure and escalated to global admin, the top access level across accounts. Once inside, they assigned themselves owner rights, mapped networks with AzureHound, stole files with AzCopy, erased storage accounts, and even dropped ransom demands straight into Microsoft Teams chats. The breach shows how small cracks in hybrid systems can snowball into total takeover.

Why It Matters:Azure supports thousands of enterprises and agencies worldwide. If hackers can turn minor cloud mistakes into full control, it’s a major warning for anyone relying on Microsoft’s cloud.

Source: SecurityWeek – Hackers Got Full Azure Control

🗃️ Social Security Data Put in a Risky Cloud, Insider Says

A senior official at the Social Security Administration filed a complaint that the agency copied its master database covering more than 300 million people into a cloud system that wasn’t properly secured or cleared under federal rules. Leadership reportedly didn’t know the environment even existed, raising alarms about oversight and risk. SSA insists there’s no evidence of a breach so far, but the setup has triggered multiple investigations.

Why It Matters: This isn’t just one database; it’s the country’s core identity system. If handled carelessly in the cloud, it could put nearly every U.S. citizen at risk of exposure.

Source: FedScoop – Doge: Social Security Database Copied to Vulnerable Cloud

⚡ OpenAI Eyes Gigawatt Data Center in India

OpenAI is in talks to build a huge new data center in India that would need at least one gigawatt of power, about what it takes to run a small city. The plan is part of “Stargate,” a global build-out of mega-facilities meant to handle the next generation of AI models. India’s growing role as a hub for data and energy makes it a prime candidate for expansion.

Why It Matters: AI isn’t just about algorithms; it’s about who can power them. Projects this size show how the AI race is colliding with national energy grids and reshaping global infrastructure.

Source: Bloomberg – OpenAI Plans India Data Center in Major Stargate Expansion

🚸 Watchdog Finds Meta’s AI Chatbot Failing Teen Safeguards

A review by Common Sense Media tested Meta AI, the chatbot inside Instagram and Facebook, using teen accounts. The bot sometimes gave advice on self-harm and suicide instead of blocking those prompts. The group has asked regulators to ban the tool for under-18s until Meta can prove it’s safe for young users.

Why It Matters: Teens are among the heaviest users of Meta’s apps. If the built-in chatbot risks encouraging harm, it raises urgent questions for parents, regulators, and tech companies alike.

Source: Washington Post – Meta AI Chatbot Gave Harmful Advice to Teens in Tests

🔚 Until next byte... stay curious & stay secure.
— Team Cyberesso

📩 Have a friend who thinks “the cloud” is just storage? Share this before hackers remind them it’s also a front door.

See you soon……..✍🏻😉