Developers have been increasingly targeted by attackers. Compromising a single developer enables attackers to embed malicious code into a company's products. If that product is then used by other companies, the malware can spread to their systems in a supply chain attack.
