Software Supply Chain Security Predictions for 2025

From AI-generated code risks to regulatory enforcement and package manager security evolution, here are the trends that will define software supply chain security in 2025.

Yukti Singhal
Security Researcher

As 2024 draws to a close, the software supply chain security landscape looks fundamentally different from where it was just two years ago. The CrowdStrike outage, the ongoing deluge of VPN appliance vulnerabilities, and the escalation of state-sponsored package poisoning campaigns have moved supply chain security from a niche concern to a boardroom priority.

Looking ahead to 2025, several trends are converging that will reshape how organizations approach this problem. These are not speculative moonshots. They are trajectories that are already in motion, with enough momentum to define the year ahead.

Prediction 1: AI-Generated Code Will Create New Supply Chain Risks

By the end of 2024, an estimated 40-50% of new code in enterprise environments involves some level of AI assistance, from GitHub Copilot suggestions to ChatGPT-generated functions. This trend will only accelerate in 2025.

The supply chain implications are significant:

Dependency hallucination: AI code assistants sometimes suggest importing packages that do not exist. Attackers have already begun registering these "hallucinated" package names and populating them with malicious code. In 2025, we expect to see the first confirmed supply chain compromise via an AI-hallucinated dependency.

License compliance drift: AI-generated code may incorporate patterns from copyleft-licensed codebases without the developer's awareness. As organizations generate more AI-assisted code, the risk of inadvertent license violations in their supply chain will grow.

Reduced code review scrutiny: When developers treat AI-generated code as "probably correct," they apply less rigorous review. This creates openings for subtle vulnerabilities that would be caught under traditional code review practices.

Organizations in 2025 will need to integrate AI code analysis into their supply chain security tooling, treating AI-generated code with the same scrutiny as third-party dependencies.

Prediction 2: SBOM Requirements Will Move from Paper to Enforcement

The regulatory groundwork laid in 2023-2024 will begin producing real enforcement actions in 2025. The EU Cyber Resilience Act (CRA), finalized in 2024, imposes SBOM requirements on products sold in the EU market, with compliance deadlines approaching. In the US, federal acquisition regulations increasingly require SBOMs from government suppliers.

The shift from "you should produce SBOMs" to "show us your SBOMs or lose the contract" will be a defining moment. Organizations that treated SBOM generation as a checkbox exercise will discover that their SBOMs are incomplete, inaccurate, or impossible to maintain at scale.

We expect 2025 to see:

  • The first contract terminations or procurement disqualifications based on SBOM non-compliance.
  • Major government agencies publishing minimum SBOM quality standards.
  • Third-party SBOM verification services emerging as a new category.
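
What an "incomplete" SBOM looks like in practice, as an added example that is not part of the original article: a completeness check over a CycloneDX-style JSON document. The choice of CycloneDX, the baseline fields (modelled on the NTIA minimum elements), and the sample SBOM are assumptions made for illustration.

```python
import json

# Constructed CycloneDX-style SBOM; component data is illustrative only.
SAMPLE_SBOM = json.loads('''{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "metadata": {"timestamp": "2024-12-01T00:00:00Z"},
  "components": [
    {"bom-ref": "a", "name": "libalpha", "version": "1.2.0",
     "purl": "pkg:npm/libalpha@1.2.0", "supplier": {"name": "Alpha Org"}},
    {"bom-ref": "b", "name": "libbeta", "version": "",
     "supplier": {"name": "Beta Org"}},
    {"bom-ref": "c", "name": "libgamma", "version": "0.9.1",
     "purl": "pkg:npm/libgamma@0.9.1"}
  ],
  "dependencies": [{"ref": "a", "dependsOn": ["b"]}]
}''')

def sbom_gaps(bom):
    """Return (subject, problem) pairs for missing baseline data."""
    gaps = []
    meta = bom.get("metadata", {})
    if not meta.get("timestamp"):
        gaps.append(("document", "no timestamp"))
    if not (meta.get("authors") or meta.get("tools")):
        gaps.append(("document", "no SBOM author or generating tool"))
    # Components that have their own entry in the dependency graph.
    described = {d.get("ref") for d in bom.get("dependencies", [])}
    for comp in bom.get("components", []):
        name = comp.get("name") or comp.get("bom-ref", "?")
        if not comp.get("version"):
            gaps.append((name, "no version"))
        if not (comp.get("purl") or comp.get("cpe")):
            gaps.append((name, "no unique identifier (purl/cpe)"))
        if not comp.get("supplier", {}).get("name"):
            gaps.append((name, "no supplier"))
        if comp.get("bom-ref") not in described:
            gaps.append((name, "no dependency relationship recorded"))
    return gaps

if __name__ == "__main__":
    for subject, problem in sbom_gaps(SAMPLE_SBOM):
        print(f"{subject}: {problem}")
```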

Prediction 3: Package Manager Security Will Harden Significantly

npm, PyPI, and other package managers took significant steps in 2024 to improve security, including mandatory 2FA for popular package maintainers, package signing initiatives, and improved malicious package detection. In 2025, these efforts will mature.

Sigstore adoption: The Sigstore ecosystem for keyless code signing will see broader adoption across package managers. npm, PyPI, and Homebrew are all at various stages of Sigstore integration. By the end of 2025, verifying package provenance through Sigstore signatures will be standard practice.

Build provenance requirements: Package managers will increasingly require build provenance attestations, documenting exactly how a package was built and from what source code. This makes it much harder to publish packages built from modified source without detection.

Trusted publisher programs: PyPI's Trusted Publishers program, which links packages to specific CI/CD workflows, will be expanded and replicated by other registries. This eliminates the risk of compromised maintainer credentials being used to publish malicious updates.

Prediction 4: VPN and Edge Appliance Vulnerabilities Will Continue at Current Rates

There is no reason to believe that the pace of critical vulnerabilities in VPN appliances, firewalls, and other edge devices will slow down in 2025. These devices run complex, proprietary codebases that have accumulated years of technical debt, and they are exposed to the internet by design.

We expect:

  • At least 5-10 critical, actively exploited vulnerabilities in products from Fortinet, Ivanti, Palo Alto, Cisco, and SonicWall.
  • Continued exploitation by both state-sponsored and criminal actors.
  • Growing pressure on organizations to adopt ZTNA as an alternative to traditional VPN.

The organizations that fare best will be those that treat their network appliances as first-class components of their software supply chain, with the same inventory tracking, vulnerability monitoring, and patching discipline applied to application dependencies.

Prediction 5: The NIST NVD Will Stabilize, But Alternatives Will Gain Ground

The NIST National Vulnerability Database (NVD) experienced significant disruptions in 2024, with a massive backlog of CVEs awaiting analysis. The new NVD Consortium, announced in late 2024, is expected to bring additional resources and improve processing times.

However, the NVD's struggles have accelerated interest in alternative vulnerability data sources:

  • OSV (Open Source Vulnerabilities) for open-source-specific advisories.
  • GitHub Advisory Database for ecosystem-specific vulnerability data.
  • Commercial vulnerability intelligence services that provide faster enrichment.

In 2025, organizations will increasingly adopt multi-source vulnerability intelligence rather than depending solely on NVD.

Prediction 6: Supply Chain Attacks Will Target AI/ML Infrastructure

As organizations deploy AI models in production, the AI/ML supply chain becomes a target. Model files, training datasets, and ML frameworks are all potential attack vectors.

In 2024, researchers demonstrated that serialized model files (pickle, ONNX, SafeTensors) could contain embedded code that executes when the model is loaded. Hugging Face and other model registries have begun implementing scanning and safety measures, but the ecosystem is still maturing.
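
For the pickle case mentioned above, a registry or pipeline can inspect a file's opcode stream without ever loading it. The following is an added example, not code from the original article or from any registry's scanner; the allowlist and both sample byte strings are constructed, and the embedded callable is the harmless built-in `print`.

```python
import pickle
import pickletools

# Assumption: an allowlist of globals a model file may legitimately import.
ALLOWED_GLOBALS = {("collections", "OrderedDict")}

class EmbeddedCall:
    """Constructed stand-in for an embedded callable; print is harmless."""
    def __reduce__(self):
        return (print, ("constructed sample",))

# Constructed samples. Neither is ever passed to pickle.loads().
BENIGN = pickle.dumps({"weights": [0.1, 0.2], "bias": 0.0}, protocol=4)
SUSPICIOUS = pickle.dumps({"weights": EmbeddedCall()}, protocol=4)

def scan_pickle(data):
    """List (module, name) globals the stream would import, without loading it."""
    found, strings = [], []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name in ("GLOBAL", "INST"):
            # pickletools reports these as a single "module name" string.
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":
            # Heuristic: module and attribute are the two latest string pushes.
            found.append(tuple(strings[-2:]) if len(strings) >= 2 else ("?", "?"))
        elif isinstance(arg, str):
            strings.append(arg)
    return [g for g in found if g not in ALLOWED_GLOBALS]

if __name__ == "__main__":
    for label, blob in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, scan_pickle(blob))
```

Treat the result as triage: an empty list means no import opcodes were seen, and the `STACK_GLOBAL` resolution is a heuristic, so anything flagged or unresolved should be rejected rather than loaded.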

We predict 2025 will see:

  • The first confirmed supply chain attack via a compromised ML model on a public registry.
  • Growing scrutiny of ML pipeline dependencies, including training frameworks, data loaders, and inference runtimes.
  • Emergence of "ML SBOM" standards that catalog model provenance, training data lineage, and framework dependencies.

Prediction 7: Developer Identity Will Become a Security Requirement

The recurring problem of compromised developer accounts being used to publish malicious packages will drive a push toward stronger developer identity verification.

Efforts already underway include:

  • npm requiring 2FA for maintainers of packages with over 1 million weekly downloads.
  • Sigstore's identity-based signing, which ties package signatures to developer identities verified through OIDC.
  • GitHub's increasing use of verified commits and vigilant mode.

In 2025, we expect these requirements to expand to all maintainers of packages above a certain popularity threshold, and developer identity verification to become a standard part of supply chain risk assessment.

What This Means for Organizations

The common thread across these predictions is that software supply chain security is moving from awareness to operationalization. The question is no longer "should we care about supply chain security?" but "do we have the tooling, processes, and visibility to manage it?"

Organizations that will be best positioned in 2025 are those that:

  1. Have comprehensive, continuously updated SBOMs for their software.
  2. Monitor for vulnerabilities across all components, including infrastructure appliances.
  3. Enforce policies for dependency management, including version pinning, provenance verification, and license compliance.
  4. Treat their CI/CD pipelines and build systems as high-value security targets.
  5. Plan for regulatory compliance requirements before enforcement deadlines arrive.

How Safeguard.sh Helps

Safeguard.sh is built for the supply chain security challenges of 2025 and beyond.

  • Automated SBOM generation and management provides the continuous, accurate SBOMs that regulatory compliance demands, not just one-time snapshots.
  • Multi-source vulnerability intelligence correlates data from NVD, OSV, and vendor advisories to ensure comprehensive coverage regardless of any single source's availability.
  • Policy engine enforces your organization's supply chain security requirements, from dependency governance to patch SLAs, as automated, auditable controls.
  • Full-stack visibility covers application dependencies, infrastructure components, and CI/CD tooling, giving you the complete picture needed to manage modern supply chain risk.

The organizations that operationalize supply chain security in 2025 will be the ones that thrive. The ones that do not will be the next headlines.
