Company:
Date Published:
Author: Guy Podjarny
Word count: 1233
Language: English
Hacker News points: 12

Summary

Open source vulnerabilities can lead to significant breaches. The Equifax incident, for example, exposed the personal data of 143 million people through a vulnerability in Apache Struts, a popular Java library. The risk from these vulnerabilities is real and immediate: attackers actively exploit known security holes. Apache Struts has a history of disclosed vulnerabilities, but its team has been responsible in addressing the issues that were found. Developers who use open source libraries without checking them for known vulnerabilities, or without monitoring them over time, can nonetheless be held accountable for their role in a breach. The final owner of the fiasco is often the executive team, which must understand and manage the risks that come with modern development practices such as the use of open source libraries. To protect yourself from similar breaches, get tested, fix the problems found, monitor for new vulnerabilities, find security tools developers will actually use, and build vulnerability management into your development process.