A critical vulnerability in a widely used dependency management tool has exposed thousands of open-source projects to potential compromise, highlighting the fragility of modern software supply chains.