The Equifax breach, by way of example, was traced back again into a vulnerability during the Apache Struts Net server program. If the corporation had installed the safety patch for this vulnerability it could have avoided the condition, but in some cases the program update by itself is compromised, https://www.researchgate.net/publication/365308473_Development_of_Cyber_Attack_Model_for_Private_Network