|
Title: Attacking The Supply Chain: Developer Post by: HCK on February 15, 2023, 04:05:14 pm Attacking The Supply Chain: Developer
In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”. Source: Attacking The Supply Chain: Developer (https://www.trendmicro.com/en_us/research/23/a/attacking-the-supply-chain-developer.html) |