The report warns CSOs that while AI is helping unsophisticated threat actors, failure to implement cybersecurity basics is fatal regardless of the attacker's skill.

The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks.