> those doing supply chain attacks are often at least somewhat professional and take precautions.
Not really.
The vast majority of supply chain attacks in practice are idiots exploiting namespacing, bitflips, or typos on pypi/npm to drop miners or infostealers.
Yes, even the shit tier supply chain attacks count :)
Not really.
The vast majority of supply chain attacks in practice are idiots exploiting namespacing, bitflips, or typos on pypi/npm to drop miners or infostealers.
Yes, even the shit tier supply chain attacks count :)