
JFrog Report Flags India's Growing Software Supply Chain Security Gaps in AI Era

May 22, 2026

Author: Our Correspondent

JFrog Ltd. has released its 2026 Software Supply Chain Security State of the Union, a comprehensive global study exploring how organisations are building, securing, and managing software amid a rapidly expanding AI-driven economy. The report's findings place Indian organisations among the most AI-active in the world, yet simultaneously reveal alarming gaps in malicious package detection, container security, and secrets scanning. These weaknesses leave Indian enterprises especially vulnerable at a time when attackers are actively weaponising AI models, compromising developer tooling through stolen credentials, and infiltrating open-source ecosystems on an unprecedented scale.

By nearly every measure, last year was the most dangerous on record for software developers worldwide. Malicious npm packages surged 451% year-over-year, reaching more than 171,000 unique instances. npm also overtook Maven as the most widely used enterprise ecosystem for the first time, and a series of sophisticated npm supply chain attacks, including the self-replicating "Shai-Hulud" worm, underscored just how exposed modern development pipelines have become. For India, where defensive tooling still lags behind the pace of adoption, the risk is particularly acute.

Sudhir Narla, General Manager for JFrog India and VP of Customer Success, framed the challenge plainly: "AI is accelerating how software is built, but it is also expanding the potential attack surface and increasing vulnerabilities. We are seeing a shift from isolated vulnerabilities to systemic risk across the entire software supply chain. Indian organisations will need to move beyond traditional security approaches and rethink how they establish trust in increasingly AI-powered, automated environments."

The report surfaces several critical findings specific to India. First, the country appears to have some of the world's largest software security blind spots: 65% of Indian organisations lack malicious package detection capabilities, and 71% do not use container security tooling at all.



Given the 451% surge in malicious npm packages across the ecosystem most enterprises now depend on, these gaps represent a direct and material risk to India's enterprise infrastructure.

Second, DevSecOps teams are under mounting pressure from AI-generated code. Indian teams now spend 51% of their working time reviewing and hardening code produced by AI systems, a responsibility that simply did not exist two years ago. Rather than reducing workloads, AI has shifted the burden from writing code to validating it, while security tooling has not kept pace with the change.

Third, engineers on the ground remain deeply skeptical of AI-generated output. Some 53% of Indian engineers treat AI-generated code only as a starting point, reviewing every line before use, while an additional 11% discard the output entirely and rewrite fixes from scratch. This ground-level caution stands in sharp contrast to the confidence expressed by organisational leadership.

That divergence points to a fourth finding: a dangerous confidence gap between leadership and frontline teams. While 97% of organisations claim to have certified AI model governance in place and 59% of IT leaders report full provenance visibility, nearly half (48%) still require a week or more to produce audit-ready proof. The gap between stated confidence and operational reality is wide.

Fifth, Shadow AI continues to operate largely unchecked. India leads surveyed regions in automated Shadow AI detection at 60%, which sounds encouraging until one considers that it still leaves 40% of Indian organisations with no automated mechanism for identifying unsanctioned AI tools operating within their developer environments.

Finally, the report highlights a fundamental shift in the attack surface itself. Some 58% of all new software packages introduced over the past year originated from Hugging Face, totalling 1.4 million new artifacts. This makes model registries the single largest input into the modern software supply chain. Unlike traditional code repositories, these unvetted AI models can carry live payloads, significantly increasing the risk of an active, real-world attack on organisations that consume them without adequate scrutiny.

Taken together, the findings paint a picture of an Indian technology sector that is embracing AI at speed but has not yet built the security infrastructure to match. Closing that gap, the report suggests, is no longer optional — it is a matter of enterprise resilience.




Journal of Supply Chain is a Hansi Bakis Media brand.
