There are plenty of supply chain attacks without Spring into the picture.

Also, are you sure you are talking about Kubernetes performance over there?