The software supply chain attack surface is a lot more complicated now, and can be compromised at every stage. Developers are the new high-value targets and we have seen developers fall victim to stolen credentials and secrets, compromised workstations, CI/CD attacks and malicious packages that end up in source code.
