China-Linked Cyberespionage Campaigns Target Tibetan Community Ahead of Dalai Lama's 90th Anniversary

The Tibetan community was targeted by a China-linked cyberespionage group in two campaigns, Operation GhostChat and Operation PhantomPrayers, in June 2025, just before the 90th anniversary of the Dalai Lama on July 6, 2025. The attacks involved compromising a legitimate website to redirect users via a malicious link. While specific technical details and impacts are not provided, the incident underscores the ongoing threat of state-sponsored cyberespionage targeting politically sensitive communities. The timing of the attacks suggests a strategic motive to exploit a significant event. For cybersecurity professionals, this incident highlights the importance of securing websites and implementing robust security measures, particularly for communities and organizations that may be targeted for geopolitical reasons. Regular security audits, user education on phishing tactics, and robust incident response plans are crucial in mitigating such threats. The practical implications include the need for continuous monitoring of web traffic for unusual redirections or malicious links, and securing web servers to detect and prevent website compromises.