Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
ZDNet

How AI coding agents could destroy open source software

A couple of weeks ago, I had the opportunity to use Google's Jules AI Agent to scan through the entire code repository of one of my projects and add a new feature. The AI took about 10 minutes. All ...
Dark Reading

For $50, Cyberattackers Can Use GhostGPT to Write Malicious Code

A recently debuted AI chatbot dubbed GhostGPT has given aspiring and active cybercriminals a handy new tool for developing malware, carrying out business email compromise scams, and executing other ...
Bleeping Computer

Malicious AI models on Hugging Face backdoor users’ machines

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. Hugging Face ...
Dark Reading

GenAI Writes Malicious Code to Spread AsyncRAT

Threat actors have used generative artificial intelligence (GenAI) to write malicious code in the wild to spread an open source remote access Trojan (RAT). It's one of the first observed examples of ...
SiliconANGLE

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

A new report out today from Fortinet Inc.’s FortiGuard Labs highlights a growing wave of malicious software packages exploiting system vulnerabilities. Based on data collected since November 2024, the ...
Computerworld

U.S.-based servers host majority of malicious code, study finds

Forget China, Russia or eastern European countries. When it comes to malicious code, U.S.-based servers host an overwhelming majority of it, according to security vendor Finjan Inc. That conclusion is ...