AI Hallucinations Are Fueling a New Class of Supply Chain Attacks

I was talking about this issue with a friend a while ago: If an LLM often hallucinates the same package name for a common problem you could copy an existing library, adapt the API to fit the hallucination, use the same hallucinated name and finally include a backdoor.

"They found that 8.7% of hallucinated Python packages were actually valid npm (JavaScript) packages"