TTPwire Vol. 1 · MITRE ATT&CK·Tagged


Huntress

Rising Supply Chain Attacks on Cybersecurity Ecosystems | Huntress

2025-12-23

ATT&CK techniques detected

24 predictions
T1195 Supply Chain Compromise
98%
"suppliers. how attackers are reshaping the software supply chain landscape the complex web of trust between suppliers and businesses means that attackers no longer need to directly target companies. instead, by focusing on vectors, suppliers, and integrations that organizations a…"
T1195 Supply Chain Compromise
96%
"rising supply chain attacks on cybersecurity ecosystems | huntress cybersecurity has always relied on trust. every software update, hardware purchase, and cloud integration depends on the implicit belief that vendors will protect their customers. that trust affords both parties o…"
T1195 Supply Chain Compromise
94%
". msps and smbs can take small steps in the right direction by enforcing least privilege for vendor accounts, verifying updates before deployment, and monitoring endpoint behavior for unauthorized script execution or persistence mechanisms. it’s impossible to fully eradicate su…"
T1195 Supply Chain Compromise
93%
"…ware to 1,500 organizations worldwide. one trusted operational layer turned into a direct tunnel that malicious actors could use to secure systems. if an msp operates with a small team, constrained resources, and limited telemetry, they may have reduced visibility over upstrea…"
T1195 Supply Chain Compromise
92%
"quickly becoming validation. reframing zero trust to the supply chain while the exact vector used in a supply chain vulnerability exploit changes, what’s continuous is a misplaced trust. from solarwinds to kaseya, these events demonstrate that trust must be a continuous process…"
T1195.001 Compromise Software Dependencies and Development Tools
90%
"third-party trading application, whose code-signing certificate was stolen, allowed attackers to insert a malicious component into 3cx. when the installer was pushed to customers, thousands of environments and msps unknowingly deployed the infected software. on a smaller scal…"
T1195 Supply Chain Compromise
90%
", continuously updated map of all vendors, integrations, dependencies, and their associated privileges. use threat intel feeds to monitor vendor breach notifications. - verification: validate the integrity of every update and component through software bill of materials (sbom)…"
T1195 Supply Chain Compromise
90%
"s aids conference. the disks seemingly contained introductory information on the disease, but installing them instead introduced malware that encrypted files and demanded payment. in 2025, brands including hertz and sam’s club reported breaches that involved the exfiltration of…"
T1195 Supply Chain Compromise
89%
"can instantly infect thousands of connected organizations. - hardware supply chain vulnerabilities: supermicro vulnerabilities and firmware-level exploits show how weaknesses can be introduced into devices before they even reach an organization. acting beneath the operating sy…"
T1195 Supply Chain Compromise
88%
"and third-party connectors can allow malicious actors to inject code into otherwise secure environments. this is what happened in 2023 with okta, when a compromise in their support system gave attackers access to customer data, creating a cascade of downstream exposure. while n…"
T1199 Trusted Relationship
85%
"and third-party connectors can allow malicious actors to inject code into otherwise secure environments. this is what happened in 2023 with okta, when a compromise in their support system gave attackers access to customer data, creating a cascade of downstream exposure. while n…"
T1195 Supply Chain Compromise
82%
"coordinated through cisa and nist, this approach is driving the broader adoption of secure software supply chain precautions. on the automation front, organizations are beginning to shift from periodic assessments to continuous assurance. real-time telemetry, cryptographic sign…"
T1195 Supply Chain Compromise
80%
"cowbell cyber reports a 431% increase in supply chain attacks between 2021 and 2023, and verizon's 2024 data breach investigations report (dbir) indicates that 15% of breaches involved a third party. the new geography of digital supply chains the security supply chain isn’…"
T1592.002 Software
56%
"suppliers. how attackers are reshaping the software supply chain landscape the complex web of trust between suppliers and businesses means that attackers no longer need to directly target companies. instead, by focusing on vectors, suppliers, and integrations that organizations a…"
T1195 Supply Chain Compromise
54%
"…board controversy, first reported by bloomberg in 2018, demonstrated how components from unverified manufacturers could be altered before assembly. for organizations in the manufacturing and industrial sectors, where hardware integrity supports production systems, safety contro…"
T1195.001 Compromise Software Dependencies and Development Tools
51%
"cowbell cyber reports a 431% increase in supply chain attacks between 2021 and 2023, and verizon's 2024 data breach investigations report (dbir) indicates that 15% of breaches involved a third party. the new geography of digital supply chains the security supply chain isn’…"
T1195.001 Compromise Software Dependencies and Development Tools
49%
"suppliers. how attackers are reshaping the software supply chain landscape the complex web of trust between suppliers and businesses means that attackers no longer need to directly target companies. instead, by focusing on vectors, suppliers, and integrations that organizations a…"
T1592.002 Software
47%
"rising supply chain attacks on cybersecurity ecosystems | huntress cybersecurity has always relied on trust. every software update, hardware purchase, and cloud integration depends on the implicit belief that vendors will protect their customers. that trust affords both parties o…"
T1195.002 Compromise Software Supply Chain
45%
"suppliers. how attackers are reshaping the software supply chain landscape the complex web of trust between suppliers and businesses means that attackers no longer need to directly target companies. instead, by focusing on vectors, suppliers, and integrations that organizations a…"
T1195.002 Compromise Software Supply Chain
42%
"s aids conference. the disks seemingly contained introductory information on the disease, but installing them instead introduced malware that encrypted files and demanded payment. in 2025, brands including hertz and sam’s club reported breaches that involved the exfiltration of…"
T1195.002 Compromise Software Supply Chain
40%
". msps and smbs can take small steps in the right direction by enforcing least privilege for vendor accounts, verifying updates before deployment, and monitoring endpoint behavior for unauthorized script execution or persistence mechanisms. it’s impossible to fully eradicate su…"
T1195 Supply Chain Compromise
36%
"third-party trading application, whose code-signing certificate was stolen, allowed attackers to insert a malicious component into 3cx. when the installer was pushed to customers, thousands of environments and msps unknowingly deployed the infected software. on a smaller scal…"
T1592.002 Software
36%
", continuously updated map of all vendors, integrations, dependencies, and their associated privileges. use threat intel feeds to monitor vendor breach notifications. - verification: validate the integrity of every update and component through software bill of materials (sbom)…"
T1195.002 Compromise Software Supply Chain
34%
"and third-party connectors can allow malicious actors to inject code into otherwise secure environments. this is what happened in 2023 with okta, when a compromise in their support system gave attackers access to customer data, creating a cascade of downstream exposure. while n…"

Summary

Learn how supply chain attacks and shifting trust are reshaping the software supply chain, and what enterprises must do to strengthen resilience.