A lot of bad practice has permeated the software development industry. One such practice is blindly trusting code when using third-party libraries, frameworks or packages. This happens because people want to build stuff quickly in order to save as much money as possible, and they don't want to spend time on security or even performance. But alas, such companies are now beginning to pay the price, a very costly and highly damaging one.