Sonatype has identified a global espionage campaign targeting open-source ecosystems, revealing sophisticated tactics used by threat actors to infiltrate software supply chains. The findings highlight vulnerabilities within popular open-source libraries, emphasizing the need for enhanced security measures in software development practices.