The SolarWinds incident in 2020 highlighted the vulnerability of software supply chains: threat actors breached build systems and inserted malicious code into widely used products like Orion, affecting tens of thousands of companies. Since then, similar breaches have occurred, including attacks on public package repositories, development tools like Codecov, and Microsoft's Winget registry, demonstrating that software supply chain attacks are not new but are escalating in frequency and severity. The increasing sophistication of threat actors is attributed to users' growing awareness of software security best practices, which has led attackers to target the software development process itself rather than individual users and systems. The blast radius of such attacks is much greater, offering a significantly larger return on investment for attackers. To mitigate this, Continuous Packaging and other best-in-class tools can provide visibility, control, and trust over software packages and code used in environments. Governments are also taking steps to improve the security of software supply chains through guidelines and minimum standards for vendors.