supply-chain-attacks - Concepts
Explore concepts tagged with "supply-chain-attacks"
Total concepts: 5
Concepts
- Namesquatting - The practice of registering names in shared namespaces like package registries with intent to exploit trust or confusion
- Software Supply Chain Security - The practices, tools, and policies that protect every stage of how software is built, distributed, and consumed
- Dependency Confusion - A supply chain attack where a malicious public package with the same name as an internal package tricks build systems into installing the attacker's version
- Starjacking - A supply chain attack where a malicious package links to a popular GitHub repository to inherit its star count and perceived legitimacy
- Slopsquatting - A supply chain attack where attackers register package names that AI models tend to hallucinate, then wait for developers to install them