AI-Generated Code Packages Can Lead to ‘Slopsquatting’ Threat
AI hallucinations – the occasional tendency of large language models to respond to prompts with incorrect, inaccurate or made-up answers – have been an ongoing concern as the enterprise adoption of generative AI has accelerated over the past two years. They’re also an issue for developers using AI-based tools when building code, including generating names of packages […]
Bad Actor Targets Linux, macOS Developers with Typosquatted Go Packages
The attacker published at least seven malicious packages on the Go Module Mirror that, if installed, will deliver a backdoor.
Fake Stars in GitHub a Growing Security Threat, Analysis Finds
There was a surge of inauthentic stars on code repositories in 2024, ramping up the threat of software supply chain attacks.
Stop Leaking Secrets!
All too often, software teams trip over complexities and inadvertently leave secrets exposed in private and public software repositories.




