Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.

Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI’s bad advice, we’ve learned. If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.

  • DingoBilly@lemmy.world
    link
    fedilink
    English
    arrow-up
    22
    arrow-down
    1
    ·
    8 months ago

    And someone recently told me the Xz exploit doesn’t matter because no developer is stupid enough to install beta releases to prod systems lol.

    Laziness and/or low skills leads to a lot of IT failures.