Microsoft has issued a warning regarding an advanced Chinese hacking group known as Silk Typhoon, which has shifted its tactics to target IT supply chains. This change in strategy includes exploiting remote management tools and cloud applications to gain initial access to networks, facilitating large-scale espionage. The group, linked to the Chinese government, has moved away from exploiting vulnerabilities in Microsoft Exchange and is now leveraging stolen API keys and Privileged Access Management (PAM) credentials. This new approach particularly affects state and local government entities, as well as the IT sector. The warning follows a report from Microsoft that highlights the ongoing threat posed by Silk Typhoon, which has been active in cyber espionage campaigns aimed at both U.S. and international organizations since late 2024.
Microsoft sounds the alarm over a group of Chinese hackers that is spying on its servers: it is after the secrets of the United States https://t.co/u8JiLRwyX5 https://t.co/Bo5QgThPNV
Chinese Lotus Blossom APT targets multiple sectors with Sagerunex backdoor: https://t.co/O0xD0q9Za3 by Security Affairs #infosec #cybersecurity #technology #news
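Microsoft said on Wednesday on its threat intelligence blog that it has observed a shift in tactics by Silk Typhoon, a Chinese government-backed hacking group focused on espionage, which is turning to remote management tools and cloud applications to infiltrate target organizations. https://t.co/nOex3jidek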