Poisoned Grapes - Software Supply Chain Hybrid Malware Attack and Defense

We test windows malwares on several self-developed linux systems used on a large scale in China, and achieved good results, uncover software supply chain risks.

Operating systems supporting cross-platform applications are very fragile. We designed the TPM EDR solution to defend against the above attacks. China is vigorously promoting the self-developed linux operating system. This will be a new operating system ecosystem with over 100 million users and billions of installed devices.

So how secure is the software supply chain for these operating systems? And will they become malware havens? How should we deal with this risk? These are questions that no one has thought about and answered before. I will give my own answers to the above questions in the topic.