A supply chain attack refers to a type of cyberattack where an attacker infiltrates a target's network or systems by targeting a trusted third-party vendor or supplier within the supply chain. Rather than directly attacking the target organization, the attacker focuses on compromising a less secure or less vigilant entity in the supply chain to gain unauthorized access to the target's systems.