Supply-chain attacks are a defining theme of 2026: rather than breach you directly, attackers compromise something you trust and install — a dependency, a build tool, an update. From Log4Shell to xz-utils to the steady drip of npm and PyPI typosquats, the lesson is the same: your trust boundary includes everything you import.
How the attacks land
- Typosquatting: a malicious package named like a popular one (reqeusts, colourama) that runs code on install.
- Dependency compromise: a maintainer account or a real package gets hijacked and ships a malicious version (the xz-utils backdoor is the cautionary tale).
- Build-system poisoning: compromise CI so the artefact is backdoored even though the source is clean.
- Malicious model/dataset for AI teams — the same problem, new artefacts.
Why it is hard
A modern app pulls in hundreds of transitive dependencies. You did not choose most of them, you cannot read them all, and they run with your application’s privileges. One poisoned package executes in your environment.
Defences that work
- Pin and lock dependencies (lockfiles, hashes); do not float to “latest” in production.
- SBOM — generate a software bill of materials so you can answer “are we affected?” in minutes, not days.
- SCA scanning in CI for known-vulnerable and known-malicious packages.
- Verify provenance — signed artefacts, trusted registries, and (for AI) prefer safetensors + scanned models.
- Least privilege in CI so a poisoned build cannot reach production secrets.
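As an added illustration of the first defence (pin and lock with hashes) and of the typosquat pattern above, here is a small audit script that is not part of RingSafe's tooling: it walks a constructed requirements.txt, flags anything not pinned to an exact version or lacking a `--hash` entry, and flags names within two edits of an allowlist of popular packages. The allowlist and the sample file are assumptions constructed for the example.

```python
import re

# Constructed allowlist (assumption); in practice generate it from the packages you approve.
POPULAR = {"requests", "colorama", "numpy", "urllib3", "pillow"}

# Constructed requirements.txt: one correct pin, one typosquat, one floating range, one bare name.
SAMPLE_REQUIREMENTS = """\
# pinned and hashed: what a locked dependency should look like
requests==2.31.0 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
reqeusts==2.31.0 --hash=sha256:1111111111111111111111111111111111111111111111111111111111111111
colourama>=0.4
numpy
"""

NAME_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot names a keystroke or two away from a popular package."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def audit_requirements(text: str) -> list[tuple[str, str]]:
    """Return (package, finding) pairs for lines that break pin-and-lock or look like typosquats."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        tokens = line.split()
        spec = tokens[0]
        name = NAME_RE.match(spec).group(1).lower().replace("_", "-")
        hashes = [t for t in tokens[1:] if t.startswith("--hash=sha256:")]
        if "==" not in spec:
            findings.append((name, "not pinned to an exact version"))
        if not hashes:
            findings.append((name, "no --hash pin; installer cannot verify the artefact"))
        for popular in sorted(POPULAR):
            if name != popular and edit_distance(name, popular) <= 2:
                findings.append((name, f"looks like a typosquat of {popular}"))
    return findings


if __name__ == "__main__":
    for pkg, issue in audit_requirements(SAMPLE_REQUIREMENTS):
        print(f"{pkg}: {issue}")
```

Run it in CI against the real requirements file and fail the build on any finding; the edit-distance check is a heuristic, so review its hits rather than blocking on them blindly.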
RingSafe brings supply-chain security discipline to code and AI pipelines. Ask about a supply-chain review.
Get a free attack-surface review
We check what an attacker would see about your business — leaked credentials, exposed services, dark-web mentions. 30 minutes, no obligation.