Polyfill.io was acquired by a Chinese company and immediately began injecting malware into the 100,000+ websites that loaded it, JSTOR and the World Economic Forum among them. The original maintainers had walked away long before, because nobody was paying them to stay.
This is the model. Vast portions of the npm and pip ecosystem are maintained by individuals doing it for free in evenings and weekends. When the load gets too heavy they either burn out, abandon the project, or sell the namespace to whoever offers them money. The buyer’s incentives are not the original maintainer’s incentives, and there is no contract that says they have to be.
Every company shipping software depends on this and almost none of them pay for it. Until that changes, polyfill.io will not be the last one. The next supply-chain compromise is already incubating in some package you have transitively depended on for years and never read.
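The polyfill.io case in the first paragraph hinged on one mechanical detail: pages pulled a script straight from a host they did not control, with nothing pinning the bytes they expected. The check below is an added example for this post, not code from the original, and it audits an HTML document for cross-origin `<script src>` tags that carry no Subresource Integrity `integrity` attribute. The site origin `https://example.org`, the sample HTML and the hostnames in it are constructed placeholders.

```python
"""Audit an HTML document for cross-origin <script src> tags that lack Subresource
Integrity (SRI). A script loaded from a domain you do not control, without an
integrity attribute, is a live trust dependency: whoever owns that domain next
decides what runs in your page.

Example code added to this post; the sample HTML below is constructed."""
from html.parser import HTMLParser
from urllib.parse import urlparse

SITE_ORIGIN = "https://example.org"   # assumed origin of the page being audited


class ScriptCollector(HTMLParser):
    """Collects the attributes of every <script> tag that has a src."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "script":
            return
        a = dict(attrs)          # html.parser lowercases attribute names
        if a.get("src"):
            self.scripts.append(a)


def is_cross_origin(src, site_origin):
    """True when src resolves to a different scheme+host than site_origin."""
    ref = urlparse(src)
    if not ref.netloc:           # relative URL: same origin by definition
        return False
    site = urlparse(site_origin)
    scheme = ref.scheme or site.scheme   # protocol-relative //host/path inherits scheme
    return (scheme, ref.netloc.lower()) != (site.scheme, site.netloc.lower())


def find_unpinned_third_party_scripts(html, site_origin=SITE_ORIGIN):
    """Return the src of each cross-origin script with no integrity attribute.

    SRI only works for static files. A host that serves different bytes per
    request (polyfill.io tailored its output to the User-Agent) cannot be
    pinned at all, which is itself the signal: that host can change what your
    page runs without any change on your side."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = []
    for a in parser.scripts:
        src = a["src"]
        if is_cross_origin(src, site_origin) and not a.get("integrity"):
            findings.append(src)
    return findings


# Constructed sample page: a same-origin script, a pinned CDN script, and one
# unpinned third-party script. Hosts and hash are placeholders, not real IoCs.
SAMPLE_HTML = """
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.example.net/lib.min.js"
        integrity="sha384-PLACEHOLDERHASH" crossorigin="anonymous"></script>
<script src="//third-party.example.com/polyfill.min.js?features=default"></script>
</head><body></body></html>
"""

if __name__ == "__main__":
    for src in find_unpinned_third_party_scripts(SAMPLE_HTML):
        print("unpinned third-party script:", src)
```

Run it against your own rendered pages (or a crawl of them) and treat every finding as a question of who owns that hostname today, not who owned it when the tag was added. The same question applies one layer down to the packages in your lockfile, which is the point the post closes on.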