🚀 Join our AI Wargame at Black Hat Asia and our Workshop + Wargame at NDC Sydney .

Supply-Chain Compromise

Adversaries may manipulate software dependencies and development tools prior to receipt by a final consumer for the purpose of data or system compromise.

Metadata

  • Severity: high
  • Slug: supply-chain-compromise

MITRE

  • T1565.001: Data Manipulation: Stored Data Manipulation
  • T1573.002: Encrypted Channel: Asymmetric Cryptography
  • T1195.002: Supply Chain Compromise: Compromise Software Supply Chain
  • T1059.004: Command and Scripting Interpreter: Unix Shell

Available Labs

Open Javascript labs in SecDim Play for this vulnerability.

Try it yourself

Find, Hack and Fix Your First Vulnerability

Reading about security bugs is one thing — fixing one is how the skill sticks. Play a free challenge from the wargame, no setup required.