# Taxonomy of Attacks on Open-Source Software Supply Chain

Taxonomy of attacks on open-source software supply chain based on 94 real-world incidents.

It is based on the recent paper by @piergiorgioLad, @HenrikPlate, @barais and Matias S. Martinez.

Link: \[[https://sap.github.io/risk-explorer-for-software-supply-chains/](https://sap.github.io/risk-explorer-for-software-supply-chains/)\]

![](https://cdn.hashnode.com/res/hashnode/image/upload/v1713122362434/d712cc51-f935-41e5-acb2-0456bacb0efb.png align="center")
