PRC-attributed intrusion set identified by Microsoft in July 2023 after it forged authentication tokens using a stolen Microsoft MSA consumer signing key, enabling access to the Exchange Online mailb…