AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks - Overpasses For America

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows. The study, which used 16 of the most widely used large language models to generate 576,000 code samples, found that 440,000 of the package …

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

A new study found that code generated by AI is more likely to contain made-up information that can be used to trick software into interacting with malicious code.

Ars Technica: AI-generated code could be a disaster for the software supply chain. Here’s why.

Ars Technica: AI-generated code could be a disaster for the software supply chain. Here’s why.. “AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages that can steal data, plant backdoors, and carry out other nefarious actions, newly published research shows.”The post Ars Technica: AI-generated code c…