Nation-state adversaries are systematically infiltrating open-source ecosystems to plant backdoors in critical software infrastructure, according to a new Strider Intel report. By shifting focus from code vulnerabilities to contributor risk profiles, organizations can uncover threats traditional scanners miss—revealing that 21% of contributors in a major AI project showed risk indicators.