Software supply chain attacks hide malicious code in npm/PyPI packages that nobody audits before installing

You run 'npm install colors' in your Node.js project. The package 'colors' has 20 million weekly downloads. In January 2022, its maintainer pushed a version that contained an infinite loop, breaking thousands of production applications. This was a protest, not a targeted attack — but it demonstrated that a single maintainer can push arbitrary code to millions of applications with zero review. Malicious packages on npm and PyPI are published weekly: typosquatting (npmm instead of npm), dependency confusion (internal package name published publicly), and compromised maintainer accounts.

So what? Every modern application depends on 500-2,000 open-source packages, each maintained by 1-3 people. Each package update is trusted implicitly — npm install downloads and executes arbitrary code on your machine. There is no code review, no signing, no sandboxing. You are trusting thousands of strangers with full access to your development machine and production servers. A single compromised package in the dependency tree gives an attacker access to every application that uses it. The SolarWinds and Codecov attacks proved this works at scale.

Why does this persist? The economics of open source mean that critical packages are maintained by unpaid volunteers who can be socially engineered, bribed, or simply burn out and hand off maintenance to a stranger. npm and PyPI do not require 2FA for publishing (npm only recently made it mandatory for top-500 packages). Package signing (like Sigstore) exists but is not enforced by any major registry. Nobody reads the code diff of dependency updates — there are too many, too often.
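One way to surface these risk signals before trusting an install, as an added example that is not part of the original post: a small Node.js check over a package-lock.json that flags private-scope names resolved from the public registry (dependency confusion), names one edit away from a well-known package (typosquatting), packages that declare install scripts, and entries not pinned to an integrity-checked registry tarball. The popular-name list, the `@acme` internal scope and the lockfile entries are constructed assumptions.

```javascript
// Added example: audit a package-lock.json (lockfile v2/v3 "packages" map) for the
// supply-chain risk signals described above. Names, scope and entries are constructed.
const POPULAR = ["npm", "colors", "lodash", "express", "react"]; // assumed well-known list

// Levenshtein distance, used to flag names one edit away from a popular package
function editDistance(a, b) {
  const d = Array.from({ length: a.length + 1 }, (_, i) => [i]);
  for (let j = 1; j <= b.length; j++) d[0][j] = j;
  for (let i = 1; i <= a.length; i++)
    for (let j = 1; j <= b.length; j++)
      d[i][j] = Math.min(d[i - 1][j] + 1, d[i][j - 1] + 1,
        d[i - 1][j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1));
  return d[a.length][b.length];
}

// Walk the lockfile; internalScope is the organisation's private scope (assumed "@acme").
function auditLockfile(lock, internalScope = "@acme") {
  const findings = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === "") continue;                       // root project entry, not a dependency
    const name = path.slice(path.lastIndexOf("node_modules/") + 13);
    const resolved = entry.resolved || "";
    // Dependency confusion: a private-scope name fetched from the public registry
    if (name.startsWith(internalScope + "/") && resolved.startsWith("https://registry.npmjs.org/"))
      findings.push({ name, kind: "dependency-confusion" });
    // Typosquat: one edit away from a well-known name, but not that name itself
    const bare = name.startsWith("@") ? name.split("/")[1] : name;
    const near = POPULAR.find(p => p !== bare && editDistance(p, bare) === 1);
    if (near) findings.push({ name, kind: "typosquat", near });
    // Lifecycle scripts run arbitrary code at install time (flag recorded by lockfile v2/v3)
    if (entry.hasInstallScript) findings.push({ name, kind: "install-script" });
    // Not pinned to an integrity-checked https tarball (git/http sources can change silently)
    if (!entry.integrity || !/^https:\/\//.test(resolved))
      findings.push({ name, kind: "unpinned" });
  }
  return findings;
}

// Constructed lockfile excerpt for demonstration (integrity values are placeholders)
const SAMPLE_LOCK = { lockfileVersion: 3, packages: {
  "": { name: "app" },
  "node_modules/colors": { version: "1.4.0", resolved: "https://registry.npmjs.org/colors/-/colors-1.4.0.tgz", integrity: "sha512-constructed" },
  "node_modules/npmm": { version: "1.0.0", resolved: "https://registry.npmjs.org/npmm/-/npmm-1.0.0.tgz", integrity: "sha512-constructed", hasInstallScript: true },
  "node_modules/@acme/billing": { version: "9.9.9", resolved: "https://registry.npmjs.org/@acme/billing/-/billing-9.9.9.tgz", integrity: "sha512-constructed" },
  "node_modules/leftpad": { version: "0.0.1", resolved: "git+ssh://git@example.invalid/leftpad.git" },
} };
console.log(auditLockfile(SAMPLE_LOCK));
```

Run it with `node audit.js` against a real lockfile by replacing SAMPLE_LOCK with `JSON.parse(require("fs").readFileSync("package-lock.json"))`; any "dependency-confusion" finding should be resolved by pinning the private scope to your internal registry in .npmrc.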

Evidence

npm 'colors' incident: January 2022, 20M weekly downloads affected.
Codecov supply chain attack: April 2021, compromised bash uploader in CI/CD.
Socket.dev tracks malicious npm packages: 5,000+ detected in 2023.
Synopsys OSSRA 2024: average application has 1,000+ open-source dependencies.
npm 2FA for maintainers only mandatory for top-500 packages as of 2023.
