Jerod Santo on Nostr: Here's a brand new security threat vector: > In our research, we have discovered that ...
Here's a brand new security threat vector:
> In our research, we have discovered that attackers can easily use ChatGPT to help them spread malicious packages into developers’ environments.
Fun times. They're calling this "AI package hallucination" and it relies on the fact that ChatGPT sometimes answers questions with false sources, links, blogs and statistics.
When it hallucinates a non-existent package, attackers upload a malicious one with the same name and wait…
https://vulcan.io/blog/ai-hallucinations-package-risk
> In our research, we have discovered that attackers can easily use ChatGPT to help them spread malicious packages into developers’ environments.
Fun times. They're calling this "AI package hallucination" and it relies on the fact that ChatGPT sometimes answers questions with false sources, links, blogs and statistics.
When it hallucinates a non-existent package, attackers upload a malicious one with the same name and wait…
https://vulcan.io/blog/ai-hallucinations-package-risk