Why open source software supply chain management is worse than you think

A Sonatype survey also found a 650% year-over-year increase in supply chain attacks aimed at upstream public repositories.
Source: techrepublic.com/rssfeeds/topic/open-source/