Chinese Cyber Threat Group Silk Typhoon Shifts Tactics to Target IT Supply Chains

The Chinese cyber threat group Silk Typhoon, known for exploiting zero-day vulnerabilities in Microsoft Exchange servers in January 2021, has changed its tactics to target information technology (IT) supply chains in order to gain initial access to corporate networks. According to new findings from the Microsoft Threat Intelligence team, Silk Typhoon, formerly known as Hafnium, is using this new method to infiltrate corporate networks. This tactical evolution demonstrates a continuous adaptation of threats to bypass existing security measures.