supply chain attacks
Also known as: software supply chain attacks
Facts (19)
Sources
Unknown source 3 facts
bureado/awesome-software-supply-chain-security - GitHub github.com 3 facts
reference: Pipeline Sentinel, developed by appsec-jedi, is an eBPF-powered security monitor for CI/CD build pipelines that detects and blocks suspicious process executions to prevent supply chain attacks during the build phase.
reference: Supply-graph is a graph-based analysis tool developed by Fraunhofer AISEC that detects supply chain attacks in build systems by tracing source-to-binary relationships, as demonstrated at FOSDEM 2025 using the XZ CVE-2024-3094 vulnerability.
reference: StepSecurity Developer MDM is a tool designed to protect developer machines and AI coding agents from supply chain attacks that target credentials, IDE extensions, and local dependencies.
Software Supply Chain Resilience in 2025: A Comparative Analysis ... ijisc.com Dec 24, 2025 2 facts
Cybersecurity Trends and Predictions 2025 From Industry Insiders itprotoday.com 2 facts
claim: Threat actors will continue to exploit vulnerabilities in third-party software, cloud services, and key suppliers in 2025, leading to an increase in supply chain attacks.
claim: In 2025, there will be an increased risk of social engineering and supply chain attacks as digital ecosystems become more connected.
Cyber Warfare in 2026: Trends, Threats, AI & Global Risks eccu.edu 2 days ago 2 facts
claim: Supply chain attacks, where attackers compromise trusted vendors, software providers, or open-source components, allow attackers to infiltrate multiple organizations simultaneously.
claim: Ransomware and supply chain attacks are considered among the most significant threats in cyber warfare due to their scale and impact.
Open Source Software: What is OSS? - Sonatype sonatype.com 2 facts
claim: Attackers exploit open source package registries by injecting malicious code into abandoned or compromised projects to launch software supply chain attacks.
claim: Policy enforcement at the point of consumption helps businesses maintain a clean, traceable software supply chain and reduce exposure to supply chain attacks and license violations.
Cyber Insights 2025: Open Source and Software Supply Chain ... securityweek.com Jan 15, 2025 1 fact
measurement: Raj Samani, SVP and chief scientist at Rapid7, states that supply chain attacks have increased by 431% since 2021.
Cyber Insights 2025: Open Source and Software Supply Chain ... hendryadrian.com Jan 15, 2025 1 fact
measurement: Supply chain attacks targeting Open Source Software (OSS) have increased by 431% since 2021.
What Is Open Source Software? - IBM ibm.com 1 fact
claim: Key security concerns with open source software include potential vulnerabilities in components with unknown origin and a lack of design documentation, which can lead to supply chain attacks if compromised libraries are used in a project.
[PDF] A Comprehensive Analysis of Software Supply Chain Attacks in Open ijcttjournal.org 1 fact
claim: The study titled 'A Comprehensive Analysis of Software Supply Chain Attacks in Open' highlights that Open Source Software (OSS)-based supply chain attacks utilize diverse methods and target various components.
Hybrid Warfare 2026: Cyber & Kinetic Threats Converge - Cyble cyble.com 3 days ago 1 fact
claim: Supply chain attacks are a growing concern for sectors undergoing rapid digital transformation, specifically healthcare, manufacturing, and financial services.