Attacks on vibe-coding have begun. LLMs sometimes hallucinate and install non-existent packages.
As a result, attackers have started publishing malicious packages under these hallucinated names, which frequently appear in AI-generated suggestions.
https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks
As a result, attackers have started publishing malicious packages under these hallucinated names, which frequently appear in AI-generated suggestions.
https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks
Comments