The modern supply chain is facing unprecedented security challenges due to rapidly emerging vulnerabilities and limited visibility. As global business connectivity increases, the importance of safeguarding the supply chain has become a critical cybersecurity concern.
Escalating Vulnerabilities in Supply Chains
Recent reports highlight a significant rise in discovered vulnerabilities, posing a severe threat to supply chains worldwide. Many organizations remain unaware of their specific roles within these networks, making them susceptible to attacks without direct involvement.
According to the 2026 report from Black Kite, the concept of ‘velocity without visibility’ has emerged as a major issue. The analysis reveals that over 48,000 Common Vulnerabilities and Exposures (CVEs) surfaced in 2025, with some being exploited before patches could be deployed. This rapid exploitation underscores the urgency for better visibility.
AI’s Role in Exacerbating Vulnerabilities
Artificial intelligence is both a contributor to and a potential solution for the vulnerability crisis. The advancement of AI-driven technologies is expected to unearth more vulnerabilities, and the proliferation of new applications introduces additional security gaps. AI also accelerates software updates, potentially embedding weaknesses that could be exploited.
Jeffrey Wheatman from Black Kite emphasizes the issue of agentic systems, which operate with permissions but may remain undetected by IT and security teams. These systems could be introduced through unmonitored applications, further complicating the visibility problem.
Addressing Visibility and Defense Strategies
The report suggests focusing on a limited number of high-priority CVEs to manage the visibility and velocity of threats effectively. Black Kite identified 58 critical CVEs that are easily exploitable, stressing the necessity of visibility to mitigate these risks.
While the number of vulnerabilities is expected to increase, Wheatman remains optimistic about the potential of defensive AI. However, the reliance on fully autonomous defense systems raises concerns, particularly in balancing automation with human oversight.
The effectiveness of Software Bill of Materials (SBOMs) is also questioned, as they should provide comprehensive insights into software vulnerabilities. The development of AI-driven SBOMs offers promise but is still in the early stages.
Conclusion and Future Prospects
The ongoing rise in supply chain vulnerabilities demands immediate attention to enhance visibility and security measures. Organizations must prioritize identifying critical threats and consider adopting AI technologies cautiously. Achieving a balance between automated systems and human intervention will be crucial as the landscape continues to evolve.
