The NSA, NCSC, and allies warn that Chinese APT actors, including Salt Typhoon, are targeting global telecom, government, transport, lodging, and military sectors. These actors exploit known CVEs and weak configurations for initial access, using tactics like modifying ACLs, enabling remote access, and establishing covert communication channels. Defenders are urged to prioritize patching historically exploited CVEs and perform threat hunting to mitigate these threats.