JFrog Reports 64% Rise in AI-Driven Software Threats

A recent report by JFrog highlights the growing security threats in the software supply chain, exacerbated by the rise of artificial intelligence. The 'Software Supply Chain State of the Union 2025' identifies four main vulnerabilities: Common Vulnerabilities and Exposures (CVEs), malicious packages, exposed secrets, and misconfigurations. Notably, the report revealed a 64% increase in exposed secrets, with 27% still active, reflecting a significant risk for organizations. Despite 94% of companies utilizing certified lists for managing machine learning models, 37% still depend on manual processes, raising concerns about security consistency. As AI adoption accelerates, the report emphasizes the need for organizations to automate governance processes to enhance security. This evolving threat landscape underscores the challenges companies face in maintaining robust software supply chain integrity.