Tech News
tech-news
237 Repos Hit with AI Hallucinated NPM Vulnerability
Charlie Eriksen of Aikido Security discovered an npx command that was hallucinated by Artificial Intelligence and found its way into 237 GitHub repositories.
The command, “npx react-codeshift”, has never existed, yet it replicated in so many code bases due to AI hallucinations.
The package for the command did not exist, so Charlie claimed the package before a bad actor could, thus preventing what could have been a very damaging exploit.
This incident highlights the need for humans to double check the output of AI.
0
0
1
The Northern Virginia Linux Users Group (NoVaLUG)
We are a curious, informal, and friendly mix of IT professionals, hobbyists, students, and others with an interest in Linux, Free and Open Source software, and open knowledge. The Northern Virginia Linux Users Group (NoVaLUG) is the oldest LUG in the Northern VA area and likely in the whole of US, established in 1993.
Obtaining an Account
Accounts on this server are limited to members of NoVaLUG. To get an invite link, you must do one of the following:
- Ask for a link at one of our meetings.
- Send a message on our mailing list asking for a link.
- Request an invite link in our Signal chat group.
Service Information
Users on this server may be referred to with the novalug.org domain name (e.g. "foo@novalug.org" or "@foo@novalug.org"). However, when using URLs, the full hostname of akk.novalug.org must be used (e.g. "https://akk.novalug.org/foo").
To use this server with other clients, such as mobile apps, use the full host name of akk.novalug.org.
If you prefer the "classic" Mastodon UI, go here.
Code of Conduct
Our rules are simple.
- Be kind, be courteous.
- No porn.
- No spam.
- No harassment.
- No illegal behavior.
- Users must be 13 years of age or older.