{"id":50416,"date":"2023-02-05T12:00:11","date_gmt":"2023-02-05T12:00:11","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/"},"modified":"2023-02-05T12:00:11","modified_gmt":"2023-02-05T12:00:11","slug":"have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/","title":{"rendered":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears"},"content":{"rendered":"<p>The hack of SolarWinds&#8217; software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?.<\/p>\n<p>In a matter of days this week, at least four disparate efforts to shore up supply chain security were declared, an example of how front-of-mind such risks have become and a push from vendors and developers to reduce them.<\/p>\n<p>The threat is growing. Gartner <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.gartner.com\/en\/articles\/7-top-trends-in-cybersecurity-for-2022\">expects<\/a> that by 2025, 45 percent of organizations globally will have experienced a software supply chain attack, a three-fold jump from 2021. It&#8217;s not a surprise, according to Neatsun Ziv, CEO of startup Ox Security that&#8217;s building an open MITRE ATT&amp;CK-like framework for enterprises to check software supply chains.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"condor\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;These kinds of attacks become super, super lucrative just because the [hits] that you could get from a single weapon is not proportional to anything else you see in the industry,&#8221; Ziv told <i>The Register<\/i>.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xmd=\",fluid,mpu,leaderboard,\" data-lg=\",fluid,mpu,leaderboard,\" data-xlg=\",fluid,billboard,superleaderboard,mpu,leaderboard,\" data-xxlg=\",fluid,billboard,superleaderboard,brandwidth,brandimpact,leaderboard,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"adun_eagle_desktop_story_wrapper\">\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"mid\" data-raptor=\"eagle\" data-xxlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<\/p><\/div>\n<p>As with the SolarWinds attack, a miscreant can inject malicious code into a piece of software before the compromised software is sent out to customers and compromises those systems. Organizations seem to be slow in catching up to this.<\/p>\n<p>More recently, attackers have targeted code repositories like GitHub and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/12\/21\/pypi_malware_sentinelone\/\" rel=\"noopener\">PyPI<\/a> and companies like CI\/CD platform provider <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2022\/04\/06\/circleci_outage\/\" rel=\"noopener\">CircleCI<\/a>, an incident that expanded the definition of a supply chain attack, according to Matt Rose, field CISO for cybersecurity vendor ReversingLabs.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",fluid,mpu,\" data-sm=\",fluid,mpu,\" data-md=\",fluid,mpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=4&amp;c=44Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>&#8220;What the CircleCI incident illustrates is that organizations have to not only be concerned about malware being injected into a compiled object or deliverable, but also of the tooling used to build them,&#8221; Rose wrote in a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.reversinglabs.com\/blog\/circleci-hack-is-a-red-flag-for-security-teams-on-the-software-supply-chain\">blog post<\/a>. &#8220;That&#8217;s why the CircleCI hack is an eye opener to a lot of organizations out there.&#8221;<\/p>\n<h3 class=\"crosshead\">One framework for them all<\/h3>\n<p>The OSC&amp;R (<a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/pbom.dev\/\">Open Software Supply Chain Attack Reference<\/a>) was launched this week, founded by Ziv \u2013 former vice president of cybersecurity at Check Point \u2013 and other security pros with background at such places as Google, Microsoft, GitLab, and Fortinet.<\/p>\n<p>The idea is to give enterprises a common framework for evaluating and measuring the risk to their supply chains, something that has traditionally been done with intuition and experience. OSC&amp;R will give organizations a common language and tools for understanding the attack tactics and defenses, prioritize threats, and track threat group behavior.<\/p>\n<p>It will be updated as new tactics crop up, will help with red-team penetration exercises, and will take contributions from other vendors. The group took concepts for ransomware and endpoints used in MITRE ATT&amp;CK and applied them to the supply chain.<\/p>\n<p>&#8220;The challenge was that there was no framework to get us from a basic understanding to our ability to check our environment if we are susceptible to the supply chain attacks,&#8221; Ziv said.<\/p>\n<div aria-hidden=\"true\" class=\"adun\" id=\"story_eagle_xsm_sm_md_xmd_lg_xlg\" data-pos=\"mid\" data-raptor=\"eagle\" data-xsm=\",mpu,dmpu,\" data-sm=\",mpu,dmpu,\" data-md=\",mpu,dmpu,\" data-xmd=\",mpu,dmpu,\" data-lg=\",mpu,dmpu,\" data-xlg=\",mpu,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=3&amp;c=33Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>The framework touches on nine key areas \u2013 such as container and open-source security, secrets hygiene, and CI\/CD posture \u2013 and outlines the techniques used by attackers in such areas as initial access, persistence, privilege escalation, and defense evasion. It will grow in both features and contributors, he said.<\/p>\n<h3 class=\"crosshead\">The OpenVEX spec<\/h3>\n<p>In the same spirit, supply chain security vendor Chainguard is heading up a group that includes HPE, VMware, and The Linux Foundation to jumpstart the adoption of the Visibility Exploitability eXchange (VEX), a tool for addressing vulnerabilities in enterprise software. It&#8217;s supported by agencies like the US National Telecommunications and Information Administration (NTIA) and Cybersecurity Infrastructure Security Agency (CISA).&nbsp;<\/p>\n<p>Enter the <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/github.com\/openvex\/spec\">OpenVEX specification<\/a> and reference toolchain<\/p>\n<p>&#8220;Up until today, VEX has been a concept the industry has invested time debating and building minimum requirements around,&#8221; Chainguard founder and CEO Dan Lorenc <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.chainguard.dev\/unchained\/accelerate-vex-adoption-through-openvex\">wrote<\/a>. &#8220;With the release of OpenVEX, organizations can now put VEX into practice.&#8221;<\/p>\n<p>OpenVEX will work as a companion to software bill of materials, which help with transparency but can create &#8220;noise&#8221; in the industry, Lorenc wrote. With OpenVEX, suppliers can more precisely describe how exploitable the products are and help end users filter out false positives.<\/p>\n<p>Chainguard has put OpenVEX in some of its products, including its Wolfi container-specific Linux distribution and Images secure-by-default container base images.<\/p>\n<p>For its part, cybersecurity vendor Checkmarx is building onto the supply chain security offering it released in March 2022 with a threat intelligence tool to focuses on the supply chain. It includes information such as identifying malicious packages by the type of attack \u2013 like typosquatting or dependency confusion &#8212; analysis of the operators behind the attack, how the packages operate, and the historical data behind them.<\/p>\n<p>&#8220;This intel is all about tracking purpose-built, malicious packages that often contain ransomware, cryptomining code, remote code execution, and other common types of malware,&#8221; <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/checkmarx.com\/blog\/checkmarx-supply-chain-threat-intelligence-the-next-level-of-defense-for-open-source-security\/\">wrote<\/a> Stephen Gates, principal content marketing manager for Checkmarx.<\/p>\n<h3 class=\"crosshead\">CISA on the move<\/h3>\n<p>CISA reportedly is creating an office to address supply chain security and work with the public and private sectors to put federal policies in place. According to a report in the <i>Federal News Network<\/i>, Shon Lyublanovits is leading the initiative. She heads the project management office for cyber supply chain risk management (C-SCRM), which is part of CISA&#8217;s cybersecurity division.<\/p>\n<p>The issues the office will address range from counterfeit components to open-source software vulnerabilities.<\/p>\n<p>It&#8217;s the latest step for CISA, which has had a focus on supply chain security since creating a <a target=\"_blank\" rel=\"nofollow noopener\" href=\"https:\/\/www.cisa.gov\/sites\/default\/files\/publications\/factsheet_ict-scrm_508_1.pdf\">task force<\/a> for IT and communications technology task for in 2018.<\/p>\n<p>Varun Badhwar, co-founder and CEO at supply chain security vendor Endor Labs, applauded CISA&#8217;s decision to create the office, telling <i>The Register<\/i> that establishing &#8220;a new capability at such a high level stands out as a milestone.&#8221;<\/p>\n<p>However, it&#8217;s important to understand the complexities of the problem, Badhwar said. There are open-source components through the software lifecycle and organizations need to first secure the open-source software they use. Enterprises and agencies use an average of more than 40,000 open-source software packages downloaded by developers, and each of those can bring in another 77 dependencies.<\/p>\n<p>&#8220;This causes a massive, ungoverned sprawl that increases the supply chain attack surface across multiple dimensions,&#8221; he said, adding that Endor Labs has found that 95 percent of open source vulnerabilities are found in the transitive dependencies. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2023\/02\/05\/supply_chain_security_efforts\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>From frameworks to new federal offices it&#8217;s time to get busy The hack of SolarWinds&#8217; software more than two years ago pushed the threat of software supply chain attacks to the front of security conversations, but is anything being done?.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-50416","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-02-05T12:00:11+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears\",\"datePublished\":\"2023-02-05T12:00:11+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/\"},\"wordCount\":1042,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/\",\"name\":\"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2023-02-05T12:00:11+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/","og_locale":"en_US","og_type":"article","og_title":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-02-05T12:00:11+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears","datePublished":"2023-02-05T12:00:11+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/"},"wordCount":1042,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/","url":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/","name":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","datePublished":"2023-02-05T12:00:11+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&amp;tile=2&amp;c=2Y9-aS6MhYD35k@VEmJxuWAAAAAI&amp;t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/have-we-learnt-nothing-from-solarwinds-supply-chain-attacks-not-yet-it-appears\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Have we learnt nothing from SolarWinds supply chain attacks? Not yet it appears"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50416","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=50416"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/50416\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=50416"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=50416"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=50416"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}