The China-affiliated threat entity responsible for the zero-day exploitation of vulnerabilities in Microsoft Exchange servers in January 2021 has modified its strategy to focus on the information technology (IT) supply chain as a method to achieve initial entry into corporate networks.
This is based on recent discoveries from the Microsoft Threat Intelligence group, which reported that the Silk Typhoon (previously known as Hafnium) hacking