Unlike the SolarWinds and CodeCov incidents, all that it took for an adversary to nearly pull off a massive supply chain attack was some slick social engineering and a string of pressure emails.
The Solarwinds attack showed that threat actors are increasingly moving to software supply chain attacks on software, and compromising low-handing fruit in its delivery. These threat actors often…