Op-Ed: Dan Lorenc: No one knows who wrote the code running America’s defense systems

Last December, Senator Cotton sent a letter to the Office of the National Cyber Director addressing a topic that Washington should have been discussing for years.

His ask was simple: the federal government should track who is contributing to the publicly available, community-built software that underpins critical government infrastructure. Given documented ties between foreign adversaries and some of the most widely used software at the heart of our national security, it’s startling that no one has done it yet.

More than 90% of modern software is built on open source components. This is publicly available code that anyone can view, use, and author. Open source software is, in many ways, more secure than privately developed code. Because it is publicly visible, flaws are spotted and fixed quickly by a global community of developers.

But the way the government consumes this software today is dangerously opaque. Federal agencies often have no way to verify its origins, who wrote it, or whether its contributors have ties to foreign adversaries. That is a national security problem hiding in plain sight.

The trust model that built open source is the same one attackers are using against us

Senator Cotton’s letter names the threat and how we should address it: foreign adversaries are exploiting the trust model that makes open source work. The federal government should track the origins of open source contributions and flag those from adversary nations.

The pattern of foreign actors quietly contributing to and maintaining widely used software is already well documented. Easyjson, a popular open source library, is maintained by a company subject to U.S. sanctions for ties to Russian state interests. In October 2024, leaders of the Linux kernel, the software foundation that runs a significant portion of the world’s computing infrastructure, announced they had removed several Russian Linux maintainers. Huawei, a Chinese multinational telecommunications company, is a top 15 contributor to Kubernetes, the software the U.S. Air Force runs in its fighter jets.

Senator Cotton published his letter in December 2025. Three months later, we experienced the worst month in open source security history — March 2026 made his case for him.

Five attacks in 12 days: A very bad month for open source software

The software supply chain attacks of March 2026 were not a surprise to anyone paying attention. They should be a wake-up call for everyone else.

In the span of 12 days, five attacks rippled through open source software. On March 19, a hacker group called TeamPCP broke into Trivy, a widely trusted open source security scanning tool specifically designed to detect vulnerabilities in software. By compromising the tool used to find threats, attackers turned a security safeguard into a delivery mechanism for malware.

Then, using credentials stolen through the Trivy compromise, attackers launched a cascading series of follow-on attacks, compromising widely used developer tools, including KICS, LiteLLM, and Telnyx. Each trusted tool became a stepping stone to the next.

On March 31, a North Korean state actor breached Axios, a software library downloaded more than 100 million times per week. The compromise lasted only three hours, but the full extent of the damage remains unknown.

In each case, the malicious code didn’t come from a shadowy outsider breaking through a firewall. It arrived as a software update, signed by someone the software community trusted.

AI has made this problem faster, cheaper, and harder to stop

The Axios breach offers a glimpse of where this threat is heading. The attackers didn’t rely solely on technical exploits. They built an entirely fake company, cloning a real founder’s identity, standing up a convincing Slack workspace, and filling it with fabricated LinkedIn activity. Then, they used that persona to manipulate the lead contributor of Axios into handing over his credentials. The attackers did this by hand, but the next generation of attacks won’t need anyone at the keyboard.

In April, Anthropic released Claude Mythos, a new AI model that autonomously discovered thousands of high-severity vulnerabilities across every major operating system and browser, and wrote working exploits for them. The previous frontier model managed two successful Firefox exploits. Mythos achieved 181.

The same AI that can discover and weaponize vulnerabilities can build a fake persona, write malicious code, and cover its tracks. In 2024, the XZ Utils attackers spent years slowly building trust and inserting malicious code into a tool. Now, that can be pulled off in days or weeks.

Congress needs to act. Here’s where to start.

For years, the federal government has operated under the assumption that if a piece of software passed a security check, that was enough. March 2026 proved it isn’t. Knowing that software is functional is not the same as knowing it’s safe, or knowing who built it.

The National Cyber Director can coordinate a response, but closing that gap requires Congress to act:

• Restore vendor accountability: While EO 14306 maintains the Secure Software Development Framework (SSDF) as the federal benchmark for secure software, it removed the requirement for vendors to formally attest to compliance. Congress should restore and strengthen that requirement.
• Make supply chain transparency the law. EO 14306 gestures at the importance of knowing where software components come from. Congress should make it binding: all software entering federal systems must come with documented proof of its origins. Critics will flag the administrative burden of verifying documentation at scale. It’s a real concern, and while the compliance cost is not trivial, it’s modest compared to the cost of a single successful breach.
• Fund the infrastructure that critical systems depend on: The federal government spends billions to secure physical infrastructure. It should treat the software infrastructure on which those systems run with the same urgency.

The federal government spent more than $100 billion on IT last year alone. It has the purchasing power to set the standard for the entire industry if it chooses to use it.

Senator Cotton asked the right question in December. March 2026 answered it. The question now is whether Congress will.

Dan Lorenc is CEO and co-founder of Chainguard, which secures the open source software supply chain. Before founding Chainguard, Dan spent over a decade at Google, where he created foundational software supply chain security projects, including Sigstore and SLSA. Chainguard is headquartered in Kirkland, Washington, and its customers include Fortune 500 enterprises and global industry leaders such as Anduril, Hewlett Packard Enterprise, and OpenAI. For more information, visit chainguard.dev.