JFrog's 2026 Software Supply Chain Security report reveals 2025 was a record-breaking year for software supply chain attacks. Malicious npm packages surged 451%, resulting in over 2 million compromised downloads and 171,592 unique malicious package instances. The report also found 495 malicious AI models on public registries like Hugging Face, yet 97% of enterprises claim certified AI governance — a stark contradiction. AI/ML library adoption grew to 41% of enterprises, with organizations managing 47% more AI packages than the prior year. Key concerns include attackers weaponizing IDE extensions, MCP servers, and developer tools, while governance frameworks remain aspirational. Nearly half of enterprises need a week or more to generate audit-proof compliance, highlighting the gap between security perception and operational reality.