On 2021-12-02, an incident was reported, involving an unknown actor, gaining initial access via Supply chain vector, while using Package dependency confusion, to achieve Supply chain attack.