Security News > 2025 > March > China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access
2025-03-05 15:44
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
News URL
https://thehackernews.com/2025/03/china-linked-silk-typhoon-expands-cyber.html
Related news
- China-aligned PlushDaemon APT compromises supply chain of Korean VPN (source)
- PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Supply chain attack hits Chrome extensions, could expose millions (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Feds name and charge alleged Silk Typhoon spies behind years of China-on-US attacks (source)