The open source community relies on a loyal army of committed developers - but their security practices are putting the whole ecosystem at riskThe security of individual developer accounts for FOSS packages is critical and currently inadequate, posing substantial risks to the software ecosystem.