theNET | Are OSS attacks avoidable?

Screenshot 2023-06-20 at 12.56.08 PM

Protecting the supply chain is notoriously tricky, but why specifically? According to Sonatype’s Annual State of the Software Supply Chain Report, 96% of attacks hinged on an open-source software (OSS) vulnerability that already had an available patch, while just 4% of attacks were deemed “unavoidable.” Considering the many consequences of OSS compromise — e.g. credential harvesting and financial data loss — why are so many of these “avoidable” attacks still getting through? Read theNET.

Screenshot 2023-06-29 at 2.09.34 PM