Codebase is now mostly AI-generated

New research from Cloudsmith found 42% of developers using AI in their workflows say at least half of their current codebase is now AI-generated. Yet only 67% of those developers review this code before every deployment, despite the rise of AI-specific exploits like ‘slopsquatting,’ where attackers weaponize hallucinated package names suggested by coding assistants.

  • Friday, 20th June 2025 Posted 4 weeks ago in by Phil Alsop

The findings, released today in the Cloudsmith 2025 Artifact Management Report, highlight a widening gap between AI adoption in software development and oversight of the associated risks. 20% of developers said they trust AI-generated code “completely”. While 59% apply additional scrutiny to AI-generated packages, only 34% use tools that enforce policies specific to AI-generated artifacts, and 17% report having no such controls in place at all. 

 

“Software development teams are shipping faster, with more AI-generated code and AI agent-led updates,” said Glenn Weinstein, CEO at Cloudsmith. “AI tools have had a huge impact on developer productivity, which is great. That said, with potentially less human scrutiny on generated code, it’s more important that leaders ensure the right automated controls are in place for the software supply chain.”

 

The report also found that 86% of developers have seen an increase in use of AI-influenced packages or dependencies over the past year, with 40% calling that increase “significant”. Despite this, only 29% of respondents felt “very confident” in their ability to detect vulnerabilities within open-source libraries, where AI tooling is likely to draw suggestions.

 

“Controlling the software supply chain is the first step towards securing it,” added Weinstein. “Automated checks and use of curated artifact repositories can help developers spot issues early in the development lifecycle.”

Zoho unveils AI Model: Zia LLM

Posted 1 day ago by Aaron
Zoho Corporation introduces Zia LLM and innovative AI tools, marking a new era in contextual AI technology.
xtype unveils a platform to bridge governance gaps in ServiceNow, enhancing compliance and efficiency for enterprises.
CyXcel's research reveals that a lack of trust in third-party vendors leaves UK businesses exposed to escalating digital threats.
JumpCloud Inc. partners with Deel IT to streamline global device management, addressing the challenges of IT for international teams.
IFS appoints Kriti Sharma as CEO of Nexus Black to spearhead innovative, agentic AI solutions for asset-intensive industries.
Exabeam has expanded in India, appointing George Joseph and Prabhakar A. R. Kini to bolster its regional team and enhance security solutions.
Rubrik announces new cybersecurity services expanding data protection for Amazon DynamoDB and Amazon RDS for PostgreSQL.
Okta and Palo Alto Networks integrate to enhance AI-powered cybersecurity, offering unified identity and threat response solutions.