India’s AI surge exposes software supply chain security gaps

Indian enterprises are embracing artificial intelligence at an unprecedented pace, but a new report suggests that governance and security controls are struggling to keep up.

As AI models, coding assistants, agent frameworks and machine learning libraries become embedded across development pipelines, organisations face a growing disconnect between confidence in their AI governance programmes and their ability to demonstrate actual control.

According to JFrog’s 2026 Software Supply Chain Security State of the Union, India shows some of the most significant software supply chain blind spots among surveyed markets, even as enterprises accelerate AI adoption.

The findings point to a broader challenge confronting technology leaders: the transformation of AI from an application-layer technology into a foundational component of the software supply chain itself.

India’s security tooling gap widens

The report highlights substantial weaknesses in software supply chain security controls across Indian organisations. Roughly 65% cannot detect malicious packages, while 71% do not use container security tools.

The gaps become more concerning against the backdrop of a rapidly evolving threat landscape. Globally, malicious npm packages—the software components distributed via npm, the world’s largest JavaScript package ecosystem—increased by 451% during 2025.

Since npm has become the largest enterprise package ecosystem by usage, malicious packages now pose a significant risk to software development environments and enterprise infrastructure.

The report indicates that the broader software threat landscape is intensifying as well. More than 48,000 new Common Vulnerabilities and Exposures (CVEs) were disclosed globally during 2025, representing a 20% increase over the previous year.

Researchers attribute part of this growth to AI-generated code that reproduces familiar weaknesses such as cross-site scripting, SQL injection and missing authorisation controls.

The concern for Indian enterprises is not merely the volume of vulnerabilities but their ability to identify malicious components before they enter production.

With nearly two-thirds of organisations lacking malicious package detection and over seven in ten operating without container security, attackers may find opportunities to exploit software supply chains long before traditional security controls are triggered.

Modern applications increasingly depend on thousands of third-party packages, open-source components, containers and AI artefacts. Without adequate detection and governance mechanisms, malicious or compromised dependencies can enter development pipelines long before security teams become aware of them.

The findings suggest that many Indian organisations remain focused on traditional cybersecurity controls while software supply chain risks continue to expand across development ecosystems.

AI is creating a validation burden

One of the report’s more surprising findings is that AI is not necessarily reducing development effort. Instead, it is changing where effort is spent.

Indian DevSecOps teams now spend 51% of their time reviewing, validating and hardening AI-generated code. Tasks that previously involved writing code are increasingly being replaced by activities focused on verification, testing and security review.

The shift reflects a growing lack of trust in machine-generated software. According to the report, 53% of Indian engineers treat AI-generated code merely as a starting point and review every line before use. Another 11% rewrite AI-generated fixes entirely from scratch.

The findings suggest that AI has shifted the security burden from software creation to software verification. Rather than trusting machine-generated output, engineering teams are increasingly acting as quality and security auditors.

This additional validation layer has become critical because AI-generated code can introduce vulnerabilities at machine speed, often faster than manual review processes can identify and remediate them.

The data also suggests a significant divergence between executive expectations and engineering realities. While AI coding assistants promise productivity gains, development teams remain cautious about deploying generated code without human scrutiny.

Security concerns, code quality issues and compliance requirements continue to necessitate substantial human oversight.

The report further links part of the global increase in software vulnerabilities to AI-generated code, notably long-established weaknesses such as cross-site scripting, SQL injection and authorisation flaws.

The illusion of AI governance

Perhaps the report’s most important insight is what it calls the “illusion of mastery”—the growing gap between perceived governance maturity and measurable control.

Nearly 97% of organisations report having certified AI model governance programmes. Yet only 59% claim full provenance visibility across production environments. More revealingly, 48% still require a week or longer to produce audit-ready compliance evidence.

The findings raise questions about how organisations define governance. Visibility into AI assets does not necessarily translate into enforceable controls, policy compliance or accountability.

The same pattern appears in shadow AI management. India leads surveyed regions in automated shadow AI detection at 60%, but that still leaves 40% of organisations without automated mechanisms to identify unsanctioned AI tools operating within developer environments.

As AI adoption expands across enterprises, the challenge increasingly shifts from identifying AI usage to governing it effectively.

Model registries redefine the attack surface

The report argues that the software supply chain itself is undergoing a structural transformation.

During 2025, Hugging Face published roughly 1.4 million new AI artefacts, accounting for 58% of all new software packages tracked in the study. As a result, model registries have emerged as one of the largest sources of software components entering enterprise environments.

The scale of this shift has significant security implications. Researchers identified 495 malicious AI models in public repositories that contain active payloads capable of credential harvesting, command execution, and reverse-shell activity.

In addition, they discovered 969 malicious AI-agent skills designed to exploit developer environments and automation workflows.

These findings demonstrate how the attack surface has expanded beyond traditional software packages. Security teams must now evaluate AI models, agent frameworks, integrated development environment (IDE) extensions and orchestration tools with the same rigour previously applied to source code and application dependencies.

Unlike traditional software packages, AI models introduce additional concerns around provenance, integrity, licensing, the origins of training data, and embedded payloads. Security teams must therefore evaluate not only source code but also the models that power applications and AI services.

The report warns that some publicly available models can contain live malicious payloads, creating a new attack vector within enterprise software supply chains.

For CIOs, CISOs and CTOs, the implications are increasingly security-driven. The challenge is no longer merely deploying AI. It is ensuring that AI models, AI-generated code, third-party packages and developer tooling do not become new entry points into enterprise environments.

As software supply chains absorb millions of new AI artefacts each year, governance and security cannot operate as separate disciplines. Organisations that fail to secure the software supply chain may find that their greatest AI risk is not the model itself, but the hidden dependencies, packages and agents that accompany it.

In that sense, the report’s central warning extends beyond cybersecurity. The greatest risk may not be AI itself, but the growing assumption that organisations are governing and securing it effectively when many are only beginning to understand the scale of the challenge.