
What is a supply chain attack when it comes to packages? I'd at least include that in the FAQ as I couldn't figure it out.


Thanks for the feedback.

You might enjoy this blog post, which explains supply chain attacks at length and starts off with a concrete example of a recent supply chain attack (the ua-parser-js attack): https://socket.dev/blog/inside-node-modules



