The European Union Agency for Cybersecurity (ENISA) feels the term software supply chain attacks overused, and isnt quite convinced when it comes to what constitutes one. 2021 is the year when the novel open source software (OSS) attack concept dubbed, dependency hijacking, or namespace confusion rose to prominence. 2021 may become the year we see four times the number of supply chain attacks seen in 2020. 2021 is also the year the novel ‘OSS’ attack concept.”]
Source: https://blog.sonatype.com/what-constitutes-a-software-supply-chain-attack