Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
Wired

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

AI-generated computer code is rife with references to nonexistent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
SiliconANGLE

ServiceNow and Hugging Face release open-source AI model for generating code

ServiceNow Inc. and Hugging Face Inc. today introduced StarCoder, an open-source artificial intelligence model model that can generate code in multiple programming languages. The companies claim that ...
Infosecurity-magazine.com

AI Hallucinations Create “Slopsquatting” Supply Chain Threat

Developers relying on large language models (LLMs) to build code could unwittingly be exposing themselves to a new type of supply chain attack, security experts have warned. “Slopsquatting” was first ...