AI Hallucinated a Dependency. So a Cybersecurity Researcher Built It as Proof-of-Concept Malware
"Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI," the Register reported Thursday. "Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI's bad advice, we've learned."

He created huggingface-cli in December after seeing it repeatedly hallucinated by generative AI; by February this year, Alibaba was referring to it in GraphTranslator's README instructions rather than the real Hugging Face CLI tool... huggingface-cli received more than 15,000 authentic downloads in the three months it has been available...

"In addition, we conducted a search on GitHub to determine whether this package was utilized within other companies' repositories," Lanyado said in the write-up for his experiment.

Lanyado also said that there was a Hugging Face-owned project that incorporated the fake huggingface-cli, but that was removed after he alerted the biz.