Security News > 2025 > March > China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access

2025-03-05 15:44
The China-lined threat actor behind the zero-day exploitation of security flaws in Microsoft Exchange servers in January 2021 has shifted its tactics to target the information technology (IT) supply chain as a means to obtain initial access to corporate networks. That's according to new findings from the Microsoft Threat Intelligence team, which said the Silk Typhoon (formerly Hafnium) hacking
News URL
https://thehackernews.com/2025/03/china-linked-silk-typhoon-expands-cyber.html
Related news
- That massive GitHub supply chain attack? It all started with a stolen SpotBugs token (source)
- Infosec experts fear China could retaliate against tariffs with a Typhoon attack (source)
- China names alleged US snoops over Asian Winter Games attacks (source)
- Ripple's xrpl.js npm Package Backdoored to Steal Private Keys in Major Supply Chain Attack (source)
- Ripple NPM supply chain attack hunts for private keys (source)
- China is using AI to sharpen every link in its attack chain, FBI warns (source)
- Magento supply chain attack compromises hundreds of e-stores (source)
- Malicious Go Modules Deliver Disk-Wiping Linux Malware in Advanced Supply Chain Attack (source)
- Supply chain attack hits npm package with 45,000 weekly downloads (source)
- RVTools hit in supply chain attack to deliver Bumblebee malware (source)