by jefftk 55 days ago
>This might just be the frequency illusion at play, but there seem to have been a number of high-profile supply chain attacks of late in major packages.

It's real. As of the beginning of April we'd had 7 in the past 12 months vs 9 in the two decades before that: https://www.jefftk.com/p/more-and-more-extensive-supply-chai...

I think the real question is "are we just hearing about it more now or has the actual rate of attack increased?"
I think it is a real increase in the rate of detected attacks, not just awareness, but whether that’s an increase in vigilance or an increase in attacks is hard to know. I suspect both, if nothing else because awareness drives both vigilance and attackers inspired by the earlier attacks.
Rate of attack increased over the past 5 years and multiple wars and proxy wars have broken out.
I looked pretty hard, with some LLM assistance, so if it was "are we just hearing about it more now" it would have to be old attacks that happened without being discovered and written up.