Packages and Libraries and Code Flowchart

News

GitHub launches Package Registry to easily generate packages from your code | ZDNET

Once a public package is generated from the GitHub project's source code, the project can be hosted on GitHub, exclusively, or promoted to a public package manager's infrastructure.

Infosecurity-magazine.com2y

New ChatGPT Attack Technique Spreads Malicious Packages

By leveraging the code generation capabilities of ChatGPT, attackers can then potentially exploit fabricated code libraries (packages) to distribute malicious packages, bypassing conventional methods ...

Ars Technica1mon

AI-generated code could be a disaster for the software supply chain. Here’s why. - Ars Technica

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious ...

Bleeping Computer2mon

AI-hallucinated code dependencies become new supply chain risk - BleepingComputer

A new class of supply chain attacks named 'slopsquatting' has emerged from the increased use of generative AI tools for coding and the model's tendency to "hallucinate" non-existent package names.

Wired1mon

AI Code Hallucinations Increase the Risk of ‘Package Confusion’ Attacks

Also known as package confusion, this form of attack was first demonstrated in 2021 in a proof-of-concept exploit that executed counterfeit code on networks belonging to some of the biggest ...

Some results have been hidden because they may be inaccessible to you

Show inaccessible results