The Equifax breach, as an example, was traced back again into a vulnerability while in the Apache Struts Net server program. If the organization had installed the security patch for this vulnerability it could have prevented the trouble, but occasionally the application update itself is compromised, as was the https://ieeexplore.ieee.org/document/9941250