“If you read the story, it becomes obvious that the key vulnerability wasn’t technical, it was the fact that a whole lot of Open-Source software is on the undermaintained-to-neglected axis, because there’s no business case for paying people to take care of it. Which is a problem, because there is a strong business case for paying people to attack it.“
https://www.tbray.org/ongoing/When/202x/2024/04/01/OSQI