Last month’s ASUS APT attack doesn’t come as a surprise to any security-conscious industry watcher – this highlights a long-standing flaw in many software supply chains today. Attackers have been engaged in spoofing websites, stealing credentials and gaining unauthorized access for years. Injecting malicious code into legitimate tools that are designed to protect represents the next evolution in putting companies and their customers at risk.