Report: Epidemic of Flaws in Commercial and Open Source Code

ReversingLabs' 2025 Software Supply Chain Security Report finds endemic security issues across commercial and open-source software — including numerous critical and patch-mandated vulnerabilities, leaked developer secrets, and examples of active supply-chain compromises (notably npm package tampering such as @solana/web3.js) — warning that attackers are increasingly exploiting supply-chain weaknesses to gain broad access to sensitive systems and data.