What Is a Hallucinated Dependency?
AI hallucinated dependencies explained. How LLMs invent non-existent packages and how attackers exploit this for supply chain attacks.
What Is a Supply Chain Attack?
Supply chain attacks explained. How compromised dependencies and hallucinated packages threaten AI-coded applications.
What Is an SBOM (Software Bill of Materials)?
SBOM explained for developers. How software bills of materials track components in AI-generated applications for security and compliance.
What Is Data Poisoning?
Data poisoning explained for developers. How training data manipulation affects AI code generation and introduces systematic vulnerabilities.
What Is Dependency Confusion?
Dependency confusion explained for developers. How attackers exploit package manager resolution to inject malicious code into AI projects.
What Is SCA (Software Composition Analysis)?
SCA explained for developers. How software composition analysis finds vulnerable dependencies in AI-generated projects.
What Is Typosquatting (Package Squatting)?
Typosquatting in package managers explained. How malicious packages with similar names target AI-generated dependency installs.
AI Coding Assistants Are Hallucinating Packages (And Attackers Are Exploiting It)
LLMs hallucinate non-existent package names. Attackers register them. Developers install them. Here’s the 291-line detection system that caught …