Chinese Cyberespionage Group Targets Europe Amid Geopolitical Tensions
A Chinese cyberespionage group, identified as TA416 by Proofpoint, has refocused its efforts on Europe following a period of targeting other regions. This shift, noted in research published by Proofpoint, began in mid-2025 and is linked to rising tensions between China and Europe over trade, the Russia-Ukraine conflict, and rare earth exports. The group, also known by names such as Twill Typhoon and Mustang Panda, has primarily targeted individuals and mailboxes associated with diplomatic missions and delegations to NATO and the EU. This renewed focus coincided with the 25th EU-China summit. Additionally, TA416 has expanded its operations to the Middle East, targeting government and diplomatic entities in the wake of the conflict in Iran. The group employs various methods, including phishing emails and malware delivery, to achieve its objectives. 
