Alibaba
開発者と提供者の両方の立場で関わったインシデント
インシデント 10012 Report
LLM Scrapers Allegedly Target Multiple Open Source Projects Disrupting the FOSS Ecosystem
2025-03-17
In mid-March 2025, KDE’s GitLab infrastructure was disrupted by aggressive AI web scrapers originating from Alibaba IP ranges. These bots ignored robots.txt and spoofed browser headers, which in turn overwhelmed the site and caused outages for developers. Similar incidents affected other FOSS projects like GNOME, SourceHut, and Fedora. The scraping is tied to large language model training, and reportedly imposes real costs and delays.
もっと影響を受けたインシデント
インシデント 7314 Report
Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers
2023-12-01
Large language models are reportedly hallucinating software package names, some of which are uploaded to public repositories and integrated into real code. One such package, huggingface-cli, was downloaded over 15,000 times. This behavior enables "slopsquatting," a term coined by Seth Michael Larson of the Python Software Foundation, where attackers register fake packages under AI-invented names and put supply chains at serious risk.
もっとIncidents involved as Developer
インシデント 1072 Report
Chinese Tech Firms Allegedly Developed Facial Recognition to Identify People by Race, Targeting Uyghur Muslims
2018-07-20
Various Chinese firms were revealed by patent applications to have developed facial recognition capable of detecting people by race, which critics feared would enable persecution and discrimination of Uyghur Muslims.
もっと