The 2025 OSSRA report, leveraging Black Duck audit data, examines the prevalence of open source software within the software supply chain and the associated security and licensing considerations. It highlights key findings regarding vulnerabilities and component management, urging organizations to gain visibility into their software composition through tools like SBOMs and SCA to effectively manage supply chain risks.