Salt Typhoon is believed to be behind a recently disclosed cyber espionage campaign targeting US House committees and staff. In December 2025, researchers identified intrusions that compromised email systems within the US House of Representatives. The group targeted congressional personnel working on national security-related committees, focusing on China’s foreign policy, US foreign affairs, intelligence, and the military.

The campaign represents the latest incident attributed to the threat actor, which has a history of prioritizing operations against telecommunications providers and government agencies. These sectors are attractive targets because they can provide information with strategic geopolitical value. Previous attacks linked to the group have facilitated access to unencrypted calls, messages, and related metadata.

It remains unclear whether any lawmakers’ accounts were successfully accessed. However, the incident highlights the risks associated with breaches at this level, including the potential exposure of legislative priorities and evolving policy positions. Although congressional staff routinely handle sensitive information, these networks often operate with fewer security protections than classified environments, lowering the barrier to adversary access.

Notably, this activity aligns with long-term intelligence collection objectives observed in Chinese state-linked cyber operations, rather than financial motivation.