Simply look out for libraries imagined by ML and make them real, with actual malicious code. No wait, don't do that
Several big businesses have published source code that incorporates a software package previously hallucinated by generative AI.
Not only that but someone, having spotted this reoccurring hallucination, had turned that made-up dependency into a real one, which was subsequently downloaded and installed thousands of times by developers as a result of the AI’s bad advice, we’ve learned. If the package was laced with actual malware, rather than being a benign test, the results could have been disastrous.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !technology@lemmy.world
This is a most excellent place for technology news and articles.
And someone recently told me the Xz exploit doesn’t matter because no developer is stupid enough to install beta releases to prod systems lol.
Laziness and/or low skills leads to a lot of IT failures.
Another way of looking at it; If there exist a release then it will be deployed to prod.
Sorry, what?