An Analysis of Software Supply Chain Attacks

The interdependencies are legion. One small software component can appear in many different end products. A good example of this was the problem caused in 2016 when Azer Koçulu removed just 11 lines of his Javascript code from the npm software registry. It turned out this little bit of code had been adopted by thousands of software projects, and as a result they could no longer be built.

Leave a Reply

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.