SLSA: Defining Supply Chain Threats

Attacks can occur at every link in a typical software supply chain, and these kinds of attacks are increasingly public, disruptive and costly in today’s environment.

Threat: Submit bad code to the source repository

Bad actors in your codebase.

Linux hypocrite commits: A researcher attempted to intentionally introduce vulnerabilities into the Linux kernel via patches on the mailing list.
