AI-Generated Code Creates Major Security Risk Through 'Package Hallucinations'


A new study [PDF] reveals AI-generated code frequently references non-existent third-party libraries, creating opportunities for supply-chain attacks. Researchers analyzed 576,000 code samples from 16 popular large language models and found 19.7% of package dependencies -- 440,445 in total -- were "hallucinated." Alarmingly, 43% of hallucinations repeated across multiple queries, making them predictable targets.
