Software Supply Chain Security: OWASP A03, SBOM, and the Fight Against Dependency Attacks
The Supply Chain Crisis by the Numbers
Software supply chain attacks have exploded. Modern applications depend on hundreds to thousands of open-source packages, each one a potential attack vector.
| Metric | Value | Source |
|---|---|---|
| Supply chain attacks increase (2019-2025) | 742% | Sonatype 2025 State of the Software Supply Chain |
| Avg npm packages per project | 683 | Synopsys Audit |
| Malicious packages found on npm (2024) | 18,000+ | Socket.dev |
| Avg time to detect compromised package | 43 days | Snyk 2025 |
| Organizations hit by supply chain attack | 62% | Gartner |
Why Supply Chain Is OWASP A03: The OWASP Top 10 2025 merged "Vulnerable and Outdated Components" (A06:2021) with supply chain concerns and elevated it to A03. This reflects the severity: a single compromised dependency can affect millions of downstream applications simultaneously.
Attack Taxonomy
1. Dependency Confusion (Namespace Hijacking)
First disclosed by Alex Birsan in 2021, dependency confusion exploits the way package managers resolve names. If an internal package @company/auth-utils exists, an attacker publishes a public package named auth-utils with a higher version number. Many build systems will prefer the public package.
Companies Successfully Attacked (Birsan's Research):
- Apple
- Microsoft
- PayPal
- Shopify
- Tesla
- Uber
- Yelp
Prevention:
```ini
; .npmrc: force scoped packages to use the private registry
@company:registry=https://npm.company.com/
//npm.company.com/:_authToken=${NPM_TOKEN}
```
2. Typosquatting
Attackers publish packages with names similar to popular ones:
| Legitimate Package | Typosquat | Downloads Before Removal |
|---|---|---|
| lodash | 1odash, lodash4 | 50,000+ |
| cross-env | crossenv | 700+ |
| event-stream | eveent-stream | 1,200+ |
| colors | colorsjs | 3,000+ |
| requests (Python) | request | 100,000+ |
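Lookalike names such as those in the table can be caught before install by comparing each declared dependency against a list of well-known names. The following is an added example, not code from the original article; the dependency list and the distance threshold of 2 are assumptions.

```javascript
// Popular names taken from the table above; SAMPLE_DEPS is a constructed dependency list.
const POPULAR = ["lodash", "cross-env", "event-stream", "colors"];
const SAMPLE_DEPS = ["lodash", "1odash", "crossenv", "eveent-stream", "colorsjs", "express"];

// Levenshtein distance (insert, delete, substitute) using two rolling rows.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Flags dependencies that are close to, but not equal to, a well-known name.
// maxDistance = 2 is an assumed threshold; short names need a tighter one
// to avoid false positives.
function findLookalikes(deps, popular, maxDistance = 2) {
  const known = new Set(popular);
  const hits = [];
  for (const dep of deps) {
    if (known.has(dep)) continue; // exact match is the genuine package
    for (const target of popular) {
      const distance = editDistance(dep, target);
      if (distance <= maxDistance) hits.push({ dep, resembles: target, distance });
    }
  }
  return hits;
}

console.log(findLookalikes(SAMPLE_DEPS, POPULAR));
```

A hit is a prompt for manual review, not proof of malice: legitimate packages can have similar names.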
3. Maintainer Account Takeover
The event-stream incident (2018) remains the canonical example: an attacker gained maintainer access to a package with 1.5M weekly downloads and injected a targeted payload that stole cryptocurrency from a specific wallet. The attack went undetected for months.
4. CI/CD Pipeline Poisoning
GitHub Actions Supply Chain Attack (2025): The tj-actions/changed-files action (used by 23,000+ repositories) was compromised. Attackers injected code that exfiltrated CI/CD secrets (API keys, cloud credentials) via modified action code.
```yaml
# VULNERABLE — Uses mutable tag that can be compromised
- uses: tj-actions/changed-files@v39

# SECURE — Pin to immutable commit SHA
- uses: tj-actions/changed-files@1f4c18bab80b1e59e33d7c2e1fb8b14cfac52b76
```
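The pinning rule can be enforced in review or CI by scanning workflow files for `uses:` references that are not a full commit SHA. The following is an added example, not code from the original article; the sample workflow is constructed, and the scan is a line-based heuristic rather than a full YAML parser.

```javascript
const DIGEST = "a".repeat(64); // constructed placeholder image digest
// Constructed workflow excerpt; only the two tj-actions references come from the article.
const SAMPLE_WORKFLOW = `
steps:
  - uses: actions/checkout@v4
  - uses: tj-actions/changed-files@v39
  - uses: tj-actions/changed-files@1f4c18bab80b1e59e33d7c2e1fb8b14cfac52b76 # v39
  - uses: ./.github/actions/local-build
  - uses: docker://alpine@sha256:${DIGEST}
  # - uses: someone/commented-out@main
  - name: quoted reference
    uses: "org/repo/path@main"
`;

const FULL_SHA = /^[0-9a-f]{40}$/;
const DOCKER_DIGEST = /@sha256:[0-9a-f]{64}$/;

// Returns one finding per `uses:` reference that is not pinned immutably.
function findUnpinnedActions(workflowText) {
  const findings = [];
  workflowText.split(/\r?\n/).forEach((raw, idx) => {
    const line = raw.replace(/(^|\s)#.*$/, ""); // strip YAML comments
    const m = line.match(/^\s*(?:-\s*)?uses:\s*["']?([^"'\s]+)["']?\s*$/);
    if (!m) return;
    const ref = m[1];
    if (ref.startsWith("./")) return; // local action, versioned with the repository
    let pinned;
    if (ref.startsWith("docker://")) {
      pinned = DOCKER_DIGEST.test(ref); // container images pin by digest
    } else {
      const at = ref.lastIndexOf("@");
      pinned = at !== -1 && FULL_SHA.test(ref.slice(at + 1)); // tags and branches are mutable
    }
    if (!pinned) findings.push({ line: idx + 1, ref });
  });
  return findings;
}

console.log(findUnpinnedActions(SAMPLE_WORKFLOW));
```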
5. Protestware & Sabotage
| Package | Maintainer Action | Impact |
|---|---|---|
| colors / faker | Marak Squires injected infinite loop | Broke thousands of apps |
| node-ipc | Anti-war protestware deleted files on Russian IPs | Data destruction for targeted users |
| peacenotwar | Dependency of node-ipc with geopolitical payload | Supply chain collateral damage |
SBOM: Software Bill of Materials
An SBOM is a formal, machine-readable inventory of all components, libraries, and dependencies in your software.
Why SBOMs Are Now Mandatory
- US Executive Order 14028 (2021) — All software sold to the US government must include an SBOM
- EU Cyber Resilience Act (2024) — Manufacturers must provide SBOMs for products with digital elements
- CISA SBOM Guidelines (2024) — Minimum elements for SBOM defined
SBOM Formats
| Format | Maintained By | Strengths |
|---|---|---|
| CycloneDX | OWASP | Security-focused, VEX support, lightweight |
| SPDX | Linux Foundation | License compliance, ISO standard (ISO/IEC 5962:2021) |
| SWID Tags | NIST | Software identification, asset management |
Generating SBOMs
```bash
# CycloneDX for Node.js projects
npx @cyclonedx/cyclonedx-npm --output-file sbom.json

# Syft (universal SBOM generator by Anchore)
syft packages dir:./my-project -o cyclonedx-json > sbom.json

# Trivy (also generates SBOMs)
trivy fs --format cyclonedx --output sbom.json ./my-project
```
SLSA Framework (Supply-chain Levels for Software Artifacts)
SLSA (pronounced "salsa") is a security framework that provides a checklist of standards to prevent tampering and improve integrity throughout the software supply chain.
| SLSA Level | Requirements | What It Prevents |
|---|---|---|
| Level 0 | No guarantees | Nothing |
| Level 1 | Build process documented, provenance generated | Ad-hoc builds with no traceability |
| Level 2 | Hosted build service, authenticated provenance | Tampering after build |
| Level 3 | Hardened build platform, non-falsifiable provenance | Insider threats on build systems |
| Level 4 | Two-person review, hermetic builds | Unilateral code changes |
Implementing SLSA in GitHub Actions
```yaml
# Generate SLSA provenance for npm packages
name: SLSA Provenance
on:
  push:
    tags: ["v*"]
jobs:
  build:
    runs-on: ubuntu-latest
    permissions:
      id-token: write # For provenance signing
      contents: read
      attestations: write
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-node@v4
        with:
          node-version: 20
      - run: npm ci --ignore-scripts
      - run: npm run build
      - name: Generate SBOM
        run: npx @cyclonedx/cyclonedx-npm --output-file sbom.json
      - name: Attest provenance
        uses: actions/attest-build-provenance@v1
        with:
          subject-path: dist/**
```
Lockfile Security
Lockfiles (package-lock.json, yarn.lock, pnpm-lock.yaml) pin exact dependency versions and integrity hashes. They are critical for supply chain security.
Lockfile Security Rules:
- Always commit lockfiles to version control
- Use npm ci in CI/CD (not npm install) — installs exactly from lockfile
- Review lockfile changes in PRs — unexpected dependency changes may indicate attack
- Enable integrity checking — lockfiles contain SHA-512 hashes; verify on install
```bash
# Audit dependencies for known vulnerabilities
npm audit
npm audit --audit-level=critical

# Check for unused or missing dependencies
npx depcheck

# Socket.dev — Detect supply chain risks (typosquatting, protestware, etc.)
npx socket optimize
```
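Reviewing lockfile changes, as the rules above recommend, can be partly automated: each entry should resolve from the registry you expect (the scope mapping from the dependency confusion section) and carry a SHA-512 integrity hash. The following is an added example, not code from the original article; the lockfile excerpt, its placeholder hashes, and the `POLICY` object are constructed assumptions.

```javascript
// Constructed package-lock.json (lockfileVersion 3) excerpt; integrity values are placeholders.
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  "": { name: "demo-app", version: "1.0.0" },
  "node_modules/lodash": {
    resolved: "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
    integrity: "sha512-CONSTRUCTED" },
  "node_modules/@company/auth-utils": {
    resolved: "https://registry.npmjs.org/@company/auth-utils/-/auth-utils-99.0.0.tgz",
    integrity: "sha512-CONSTRUCTED" },
  "node_modules/left-pad": {
    resolved: "https://registry.npmjs.org/left-pad/-/left-pad-1.3.0.tgz",
    integrity: "sha1-CONSTRUCTED" },
  "node_modules/debug": { resolved: "http://mirror.example.test/debug-4.3.4.tgz" },
} };

// Assumed policy, mirroring the .npmrc scope-to-registry mapping shown earlier.
const POLICY = {
  defaultRegistry: "https://registry.npmjs.org/",
  scopes: { "@company": "https://npm.company.com/" },
};

// Returns findings for entries resolved from an unexpected registry or lacking a SHA-512 hash.
function auditLockfile(lock, policy) {
  const findings = [];
  const marker = "node_modules/";
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    // Skip the root project, workspace links, bundled deps and non-installed paths.
    if (!path.includes(marker) || entry.link || entry.inBundle) continue;
    const name = path.slice(path.lastIndexOf(marker) + marker.length);
    const scope = name.startsWith("@") ? name.split("/")[0] : null;
    const expected = (scope && policy.scopes[scope]) || policy.defaultRegistry;
    if (!String(entry.resolved || "").startsWith(expected)) {
      findings.push({ name, issue: "unexpected-registry" }); // possible dependency confusion
    }
    if (!entry.integrity) {
      findings.push({ name, issue: "missing-integrity" });
    } else if (!entry.integrity.startsWith("sha512-")) {
      findings.push({ name, issue: "weak-integrity-hash" });
    }
  }
  return findings;
}

console.log(auditLockfile(SAMPLE_LOCK, POLICY));
```

Run against the lockfile in a pull request, a new `unexpected-registry` finding for an internal scope is the signal to stop the merge and investigate.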
Dependency Management Best Practices
| Practice | Implementation |
|---|---|
| Pin exact versions | Use = not ^ or ~ in production |
| Auto-update with review | Dependabot/Renovate with human review |
| Minimal dependencies | Audit and remove unused packages regularly |
| Private registry | Mirror approved packages via Artifactory/Nexus |
| Vulnerability scanning | npm audit, Snyk, Socket in CI/CD |
| Provenance verification | npm audit signatures (npm v9+) |
| SBOM generation | CycloneDX or SPDX on every build |
Further Reading
- OWASP Top 10 2025 — A03: Injection includes supply chain
- Sonatype (2025), "State of the Software Supply Chain" — Annual analysis
- SLSA Framework — Supply chain integrity levels
- Supply Chain Security Guide — Foundational supply chain concepts
- Birsan, A. (2021), "Dependency Confusion: How I Hacked Apple, Microsoft, and Dozens of Other Companies"