AI agents generate so much software, so fast, it's nearly impossible for humans to carefully review it all. Cloudsmith has the scale and the broad view across the open-source ecosystem to protect enterprises against the new kinds of threats that AI-driven development introduces.
The White House on Friday rescinded a 2022 order that mandated a single, standardized self-attestation form for federal agencies to obtain cybersecurity assurances from software vendors, arguing the policy hindered agencies from adopting security solutions for their specific system needs. "There is no universal, one-size-fits-all method of achieving that result," Office of Management and Budget Director Russ Vought said in the memo released Friday. "Each agency should validate provider security utilizing secure development principles and based on a comprehensive risk assessment."
But like everything else in life, there will always be a more powerful AI waiting in the wings to take out both protagonists and open a new chapter in the fight. Acclaimed author and enthusiastic Mac user Douglas Adams once posited that Deep Thought, the computer, told us the answer to the ultimate question of life, the universe, and everything was 42, which only made sense once the question was redefined. But in today's era, we cannot be certain the computer did not hallucinate.
In 2026, generative AI stops being an experiment for software development and starts being an architectural liability. The initial rush to apply AI everywhere is hardening into a struggle with execution, where the primary hurdles are no longer capability, but control, cost, and security. We are already seeing the cracks in code integrity. As AI-assisted development becomes standard, the volume of code produced is outpacing human capacity to audit it. This "vibe coding" prioritises speed over structural soundness, creating a new category of technical debt.
According to software supply chain security company Socket, the packages were published in 2023 and 2024 by a user named " shanhai666" and are designed to run malicious code after specific trigger dates in August 2027 and November 2028. The packages were collectively downloaded 9,488 times. "The most dangerous package, Sharp7Extend, targets industrial PLCs with dual sabotage mechanisms: immediate random process termination and silent write failures that begin 30-90 minutes after installation, affecting safety-critical systems in manufacturing environments," security researcher Kush Pandya said.
"A leaked VSCode Marketplace or Open VSX PAT [personal access token] allows an attacker to directly distribute a malicious extension update across the entire install base," Wiz security researcher Rami McCarthy said in a report shared with The Hacker News. "An attacker who discovered this issue would have been able to directly distribute malware to the cumulative 150,000 install base."
The report found that 68% of security leaders are concerned about the risks of third-party software tools and components introduced across their tech stacks. Seventy-three percent reported receiving at least one notification of a software supply chain vulnerability or incident in the past year. According to the report, 60% believe attackers are evolving too quickly to maintain a truly resilient security posture and 46% are uneasy about AI-driven features and large language models.
A coalition of heavyweight open source foundations issued a joint statement via the foundation on Tuesday, declaring that "open infrastructure is not free" and warning that the critical machinery behind modern software development is being stretched to breaking point. Package registries like Maven Central, PyPI, crates.io, npm, and Packagist handle billions of downloads every month, yet the organizations running them are often scraping by on donations, grants, and the goodwill of a few sponsors.
One of the highlights Levi pointed to was AppTrust, JFrog's initiative to establish end-to-end trust across the software supply chain. By unifying governance, risk, and compliance capabilities into a single framework, AppTrust is designed to give enterprises more confidence that applications are secure and reliable from development through deployment. The goal is to tie disparate security and verification processes into one cohesive approach that simplifies how organizations enforce trust at scale.
JFrog has introduced JFrog Fly, an offering the company describes as a zero-config, "agentic repository" for accelerating AI-driven software development. Introduced September 9, JFrog Fly is intended to support agentic workflows for development teams. AI agents orchestrate artifacts across the software life cycle, enabling developers to focus on delivering software to production with speed and scale, according to JFrog. Developers can join a beta waitlist for JFrog Fly.
JFrog and NVIDIA have expanded integrations to include the Enterprise AI Factory, enabling the management of AI applications through JFrog's Software Supply Chain Platform.
.jpg?height=635&t=1757344641&width=1200)
