Skip to Content
logologo
AI Incident Database
Open TwitterOpen RSS FeedOpen FacebookOpen LinkedInOpen GitHub
Open Menu
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Discover
Submit
  • Welcome to the AIID
  • Discover Incidents
  • Spatial View
  • Table View
  • List view
  • Entities
  • Taxonomies
  • Submit Incident Reports
  • Submission Leaderboard
  • Blog
  • AI News Digest
  • Risk Checklists
  • Random Incident
  • Sign Up
Collapse
Entities

Bar Lanyado

Incidents involved as Deployer

Incident 7314 Report
Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

2023-12-01

Large language models are reportedly hallucinating software package names, some of which are uploaded to public repositories and integrated into real code. One such package, huggingface-cli, was downloaded over 15,000 times. This behavior enables "slopsquatting," a term coined by Seth Michael Larson of the Python Software Foundation, where attackers register fake packages under AI-invented names and put supply chains at serious risk.

More

Related Entities
Other entities that are related to the same incident. For example, if the developer of an incident is this entity but the deployer is another entity, they are marked as related entities.
 

Entity

Developers using AI-generated suggestions

Incidents involved as Deployer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

OpenAI

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Google

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Cohere

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Meta

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

DeepSeek AI

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

BigScience

Incidents involved as Developer
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Developers and businesses incorporating AI-suggested packages

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Alibaba

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Organizations that incorporated fake dependencies

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Software ecosystems

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Users downstream of software contaminated by hallucinated packages

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Trust in open-source repositories and AI-assisted coding tools

Incidents Harmed By
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

LLM-powered coding assistants

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

ChatGPT 3.5

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

ChatGPT 4

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Gemini Pro

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Command

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

LLaMA

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

CodeLlama

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

DeepSeek Coder

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

BLOOM

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Python Package Index (PyPI)

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

npm (Node.js)

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

GitHub

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More
Entity

Google Search / AI Overview

Incidents implicated systems
  • Incident 731
    4 Reports

    Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers

More

Research

  • Defining an “AI Incident”
  • Defining an “AI Incident Response”
  • Database Roadmap
  • Related Work
  • Download Complete Database

Project and Community

  • About
  • Contact and Follow
  • Apps and Summaries
  • Editor’s Guide

Incidents

  • All Incidents in List Form
  • Flagged Incidents
  • Submission Queue
  • Classifications View
  • Taxonomies

2024 - AI Incident Database

  • Terms of use
  • Privacy Policy
  • Open twitterOpen githubOpen rssOpen facebookOpen linkedin
  • ecd56df