Alibaba
Incidents involved as both Developer and Deployer
Incident 10012 Report
LLM Scrapers Allegedly Target Multiple Open Source Projects Disrupting the FOSS Ecosystem
2025-03-17
In mid-March 2025, KDE’s GitLab infrastructure was disrupted by aggressive AI web scrapers originating from Alibaba IP ranges. These bots ignored robots.txt and spoofed browser headers, which in turn overwhelmed the site and caused outages for developers. Similar incidents affected other FOSS projects like GNOME, SourceHut, and Fedora. The scraping is tied to large language model training, and reportedly imposes real costs and delays.
MoreIncidents Harmed By
Incident 7311 Report
Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers
2023-12-01
Generative AI hallucinated non-existent software packages, which were then created and uploaded (as an experiment) by security researcher Bar Lanyado. One such package, "huggingface-cli," was downloaded over 15,000 times, including by large companies like Alibaba. Regardless of the framing of it as an experiment, this incident is an example of harm caused by AI-generated hallucinations in coding, as the fake packages were still distributed widely and with potential malware.
MoreIncidents involved as Developer
Incident 1072 Report
Chinese Tech Firms Allegedly Developed Facial Recognition to Identify People by Race, Targeting Uyghur Muslims
2018-07-20
Various Chinese firms were revealed by patent applications to have developed facial recognition capable of detecting people by race, which critics feared would enable persecution and discrimination of Uyghur Muslims.
More