Auditors warn of foreign risks to weapons software