A significant security breach involving the open-source extension registry Open VSX Registry and maintained by Eclipse Foundation has exposed a vulnerability in the software-supply-chain ecosystem.