The widespread campaign of software supply chain attacks that has become known as the “SolarWinds attack” began in 2020, and unofficially elevated software supply chain security to the top echelon of cyber risks to both government and the private sector. But if you are thinking that software supply chain threats and attacks are a new problem plaguing software companies and their customers, you are wrong. Second, these attacks are ongoing, making any accounting of software supply chain attacks incomplete. [ See key takeaways from a survey of more than 300 security pros on software supply chain security. And download the related free report: Flying Blind: Firms Struggle to Detect Software Supply Chain Attacks ]A Chronology of Software Supply Chain AttacksBelow is a list of known (documented, reported) attacks involving compromises of software supply chains.

Source: Washington Post June 08, 2022 18:32 UTC