新加坡经发局（EDB）：2023年新加坡网络环境报告（英文版）

Targeting software supply chains and trusted third-party services allows cyber threat actors to compromise targets at scale, maximising the “returns” from a single initial compromise. By leveraging vulnerabilities in widelyused software, threat actors exploit trusted relationships between vendors and their clients, to bypass the latter’s defences. In 2023, such attacks have become pervasive, and resulted in several high-profile incidents: • In May 2023, a zero-day vulnerability in Progress So