Incident 731: Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

Description: Generative AI hallucinated non-existent software packages, which were then created and uploaded (as an experiment) by security researcher Bar Lanyado. One such package, "huggingface-cli," was downloaded over 15,000 times, including by large companies like Alibaba. Regardless of the framing of it as an experiment, this incident is an example of harm caused by AI-generated hallucinations in coding, as the fake packages were still distributed widely and with potential malware.

Outils

Nouveau rapportNouveau rapportNouvelle RéponseNouvelle RéponseDécouvrirDécouvrirVoir l'historiqueVoir l'historique

Statistiques d'incidents

ID
731
Nombre de rapports
1
Date de l'incident
2023-12-01
Editeurs
Applied Taxonomies
MIT

Classifications de taxonomie MIT

Machine-Classified
Détails de la taxonomie

Risk Subdomain

2.2. AI system security vulnerabilities and attacks

Risk Domain

  1. Privacy & Security

Entity

AI

Timing

Post-deployment

Intent

Unintentional

translated-fr-AI hallucinates software packages and devs download them – even if potentially poisoned with malware
theregister.com · 2024
Traduit par IA

translated-fr-Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.

Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up…

Variantes

Une "Variante" est un incident qui partage les mêmes facteurs de causalité, produit des dommages similaires et implique les mêmes systèmes intelligents qu'un incident d'IA connu. Plutôt que d'indexer les variantes comme des incidents entièrement distincts, nous listons les variations d'incidents sous le premier incident similaire soumis à la base de données. Contrairement aux autres types de soumission à la base de données des incidents, les variantes ne sont pas tenues d'avoir des rapports en preuve externes à la base de données des incidents. En savoir plus sur le document de recherche.

Incidents similaires

Par similarité textuelle

Did our AI mess up? Flag the unrelated incidents

Hackers Break Apple Face ID

Hackers Claim to Break Face ID a Week After iPhone X Release

· 24 rapports
Biased Sentiment Analysis

Google's sentiment analysis API is just as biased as humans

· 7 rapports
All Image Captions Produced are Violent

Are you scared yet? Meet Norman, the psychopathic AI

· 28 rapports
Incident précédentProchain incident