Supply Chain Attack — Compromising Trusted Vendors to Reach Downstream Targets
A supply chain attack occurs when threat actors compromise a trusted vendor, software provider, or service to gain indirect access to downstream customers. This SECMONS glossary entry explains how supply chain attacks work, common techniques, and how defenders should reduce third-party risk.