Software Supply Chain Attacks: Defending Against Dependency Confusion, Typosquatting, and Compromised Packages

245%
year-over-year increase in software supply chain attacks between 2022 and 2024 — the attack surface grows with every new open source dependency
XZ Utils 2024
a backdoor planted by a nation-state actor over two years of social engineering of the open source maintainer — affecting a core compression library in Linux distributions
npm
hosts over 2.5 million packages — a dependency tree of 100 npm packages typically pulls in 1,000+ transitive dependencies from thousands of different authors
SBOM
Software Bill of Materials — a machine-readable inventory of all software components — is now required for federal government software suppliers and increasingly demanded by enterprise procurement

SponsoredRetool

Retool's new app builder is where AI-generated code ships safely

Building apps with AI is easy. Getting them to production safely is another story.

Start building for free today

A software supply chain attack compromises the components that developers and build systems trust: open source packages, private package registries, build tools, and CI/CD pipelines. Unlike direct application attacks, supply chain attacks scale by infecting the source rather than each individual consumer — one compromised npm package can execute malicious code across thousands of organizations that install it, often without any action by the victim beyond running npm install.

The attack surface is significant: the average enterprise application has hundreds of direct dependencies and thousands of transitive dependencies (dependencies of dependencies). Each is a potential vector. This guide covers the specific attack techniques and the controls that address them.

The four main attack techniques and how each works

Software supply chain attacks follow distinct patterns. Understanding each helps prioritize the right defensive controls.

Subscribe to unlock Remediation & Mitigation steps

Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.

SBOM: inventory before you can defend

A Software Bill of Materials is a machine-readable list of all software components in your application. You cannot monitor, audit, or respond to supply chain compromises in dependencies you do not know exist.

Subscribe to unlock Remediation & Mitigation steps

Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.

Free daily briefing

Briefings like this, every morning before 9am.

Threat intel, active CVEs, and campaign alerts, distilled for practitioners. 50,000+ subscribers. No noise.

Controls that prevent supply chain compromise

Defensive controls address different attack techniques. Implement layered controls because no single control addresses all attack vectors.

Subscribe to unlock Remediation & Mitigation steps

Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.

Detecting a supply chain compromise after it occurs

Despite preventive controls, compromise is possible. Early detection limits the blast radius.

Subscribe to unlock Remediation & Mitigation steps

Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.

The bottom line

Software supply chain attacks scale because they target trust — the package you always trusted, the action you imported without reviewing, the build tool you never questioned. Effective defense is not about eliminating open source dependency (that is operationally impossible) but about making the dependency graph visible (SBOM), verifiable (lock files with hashes, sigstore signatures), and monitored (continuous vulnerability scanning). For CI/CD pipelines, the same principle applies: treat your build environment as a security boundary, not a trusted internal system.

Frequently asked questions

How do I check if an npm package is malicious before installing it?

Before installing an unfamiliar package: check the package's npm page for download count and maintenance status (very low download packages with recent publish dates are higher risk), review the package's GitHub repository for legitimacy (does it have issues, contributors, history?), run the package through Socket.dev (real-time npm package security analysis), check Snyk Advisor for security score, and search for the package name in vulnerability databases. For packages you are about to add as a dependency: read the package.json install scripts (postinstall, preinstall) — these scripts execute automatically at install time and are the primary malware delivery mechanism. Never install packages with suspicious install scripts you cannot read and understand.

What is the difference between a direct and transitive dependency vulnerability?

A direct dependency is a package you explicitly listed in your package.json or requirements.txt. A transitive dependency is a package that one of your direct dependencies depends on — you did not choose it directly but it is installed as part of your dependency tree. Most supply chain vulnerabilities affect transitive dependencies: Log4Shell affected Log4j, which was a transitive dependency for thousands of Java applications that did not directly import it. SBOMs capture all dependencies including transitive ones. Tools like Dependabot and Snyk detect vulnerabilities in transitive dependencies and generate remediation PRs that update the direct dependency to a version that pulls in a patched transitive version.

Should we audit all open source dependencies before use?

Manual audit of every dependency is not operationally feasible — a typical npm project has thousands of transitive dependencies. Apply risk-based prioritization: perform manual code review for direct dependencies with high privilege (packages that handle authentication, encryption, or make network requests), high usage (packages in performance-critical paths), or low package health scores (OpenSSF Scorecard below 4, last commit more than 2 years ago). Use automated tooling (Dependabot, Snyk, Socket.dev) for broad automated scanning of all dependencies. Reserve manual review for the highest-risk subset.

Sources & references

  1. CISA Software Supply Chain Security Guidance
  2. SLSA Supply Chain Levels for Software Artifacts
  3. OpenSSF Scorecard

Free resources

25
Free download

Critical CVE Reference Card 2025–2026

25 actively exploited vulnerabilities with CVSS scores, exploit status, and patch availability. Print it, pin it, share it with your SOC team.

No spam. Unsubscribe anytime.

Free download

Ransomware Incident Response Playbook

Step-by-step 24-hour IR checklist covering detection, containment, eradication, and recovery. Built for SOC teams, IR leads, and CISOs.

No spam. Unsubscribe anytime.

Free newsletter

Get threat intel before your inbox does.

50,000+ security professionals read Decryption Digest for early warnings on zero-days, ransomware, and nation-state campaigns. Free, daily, no spam.

Unsubscribe anytime. We never sell your data.

Eric Bang
Author

Founder & Cybersecurity Evangelist, Decryption Digest

Cybersecurity professional with expertise in threat intelligence, vulnerability research, and enterprise security. Covers zero-days, ransomware, and nation-state operations for 50,000+ security professionals every morning.

Black Hat Giveaway

Win a $2,495 Black Hat pass.

Full-access to Black Hat USA 2026 in Las Vegas. Subscribe free to enter.

Joins Decryption Digest daily briefing. Unsubscribe anytime.

Giveaway: Black Hat USA 2026 Full-Access Pass ($2,495 value)

Details →
Daily Briefing

Subscribe to enter the giveaway

Every subscriber is automatically entered. You also get daily threat intel every morning: zero-days, ransomware, and nation-state campaigns. Free. No spam.

Already subscribed? You're already entered.

Giveaway

Win a $2,495 Black Hat USA 2026 pass.