The Equifax breach, for instance, was traced back again into a vulnerability while in the Apache Struts Internet server software program. If the organization had set up the security patch for this vulnerability it could have prevented the problem, but often the software update itself is compromised, as was https://ieeexplore.ieee.org/document/9941250