Satellites, spacecraft, and defense systems rely on complex software ecosystems, often powered by open-source, third-party, and legacy components. Recent events remind us just how vital it is to track, secure, and manage that software supply chain. Vulnerable Third-Party Components in Orbit At Black Hat 2025, researchers exposed alarming vulnerabilities in widely deployed open-source satellite control platforms such as Yamcs, OpenC3 Cosmos, and NASA’s cFS Aquila.