Purportedly Hallucinated Software Packages with Potential Malware Reportedly Downloaded Thousands of Times by Developers
December 1, 2023
Join us in shaping a trustworthy and safe future for AI development by contributing to the HISPI Project Cerebellum TAIM (Govern/Map/Measure/Manage) and helping prevent such incidents.
JOIN US
Matched TAIM controls
Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls
- MAP 4.1 — similarity 0.679, rank 1. TAIM detail and related incidents →
- MEASURE 2.6 — similarity 0.678, rank 2. TAIM detail and related incidents →
- MAP 1.6 — similarity 0.669, rank 3. TAIM detail and related incidents →
- Alleged deployer
- developers-using-ai-generated-suggestions, bar-lanyado
- Alleged developer
- openai, meta, google, deepseek-ai, cohere, bigscience
- Alleged harmed parties
- users-downstream-of-software-contaminated-by-hallucinated-packages, trust-in-open-source-repositories-and-ai-assisted-coding-tools, software-ecosystems, organizations-that-incorporated-fake-dependencies, developers-and-businesses-incorporating-ai-suggested-packages, alibaba
Source
Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/731
Data source
Incident data is from the AI Incident Database (AIID).
When citing the database as a whole, please use:
McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.
Pre-print on arXiv · Database snapshots & citation guide
We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.