Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
Wired

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI-generated computer code is rife with references to nonexistent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
GIGAZINE

A new cyber attack called 'slop squatting' may emerge that exploits hallucinations caused by code-generating AI

The widespread use of AI-based code generation has greatly improved development efficiency, but it has also created entirely new risks. Large-scale language models (LLMs) have the risk of generating ...