Supply Chain Attacks

A supply chain attack targets an organization indirectly by compromising one of its trusted vendors, libraries, or update channels. Instead of breaking into the front door, attackers quietly poison a dependency the target already trusts and waits to pull in.