Mike Vizard talks with Brian Fox of Sonatype about why AI-assisted vulnerability discovery could create a rapid surge of software supply chain risk. Fox explains that attackers and defenders can now use advanced models to find flaws faster, which could lead to exploit timelines that outpace traditional patching, triage and dependency management processes. The conversation also explores package registry sustainability, organizational bills of materials and why teams should run tabletop exercises to prepare for multiple Log4Shell-scale events in compressed timeframes.