NSA warns that hackers are going after U.S. networking gear

The U.S. National Security Agency on Tuesday said a foreign hacking group named APT5, which is known as being Chinese, had been caught exploiting a vulnerability inside networking gear from U.S. technology company Citrix to spy on victims, according to a government cybersecurity advisory.

The alert requested that victims who discover additional evidence reach out to the NSA's Cybersecurity Collaboration Center, a unique division of the spy agency opened in 2021 with the mission of public-private sector collaboration. Citrix in a blog post said it was "aware of a small number of targeted attacks in the wild using this vulnerability." The company has already released a fix for the vulnerability that customers can download.

The NSA alert did not state that APT5 is Chinese, but private sector security researchers have repeatedly reported this link previously. APT5 is known for breaking into telecommunications providers as well as government organizations, satellite and other technology companies. Historically, the hacking team has conducted operations across Southeast Asia and Europe in addition to the U.S.