On June 27, 2017, a destructive payload, dubbed NotPetya by researchers, was deployed covertly using a legitimate software package employed by organizations operating in Ukraine. Attacks piggybacking on legitimate and accepted software packages are supply chain attacks, and they have been on the increase in recent months. One recent attack combined supply-chain-style tactics and typosquatting. One developer mistyped popular library names during installation, allowing the attacker to install a malicious payload.
Source: https://www.crowdstrike.com/blog/software-supply-chain-attacks-rise-undermining-customer-trust/