alt Hacker News> 1) One can no longer trust things out on the web.
I assume you mean software, because we haven't been trusting other things on the web already for decades.
As for software, everybody interested knew about inherent insecurity of supply chain of modern software but the solutions proposed were too expensive. We need an order of magnitude more money lost for organizations to start switching from today's security theater to a model with security built in.
In general and for software in particular too :). For general see my response to ellg.
Even though we were aware of the insecurity of the supply chain, 1) In practice we tend to ignore it except for mission critical cases. We still do. 2) Autonomous vulnerability/exploitation at scale was difficult and reserved for high value targets.
What you said will be accelerated by 2) now.