Dangers of software supply chains
The software landscape continues to grow, and so it is not surprising that the vulnerabilities and attack surfaces of software libraries are not getting smaller. Software supply chain attacks are particularly attractive to threat actors because, if successful, they can gain access to hundreds or thousands of applications with just one attack. Exploiting vulnerabilities or compromising source code in trusted applications can allow an attacker to operate from a central location and move around the network undetected. Various solutions to this danger vector are being researched, a…