GitHub
開発者と提供者の両方の立場で関わったインシデント
インシデント 2405 Report
GitHub Copilot, Copyright Infringement and Open Source Licensing
2021-06-29
Users of GitHub Copilot can produce source code subject to license requirements without attributing and licensing the code to the rights holder.
もっとIncidents implicated systems
インシデント 7314 Report
Hallucinated Software Packages with Potential Malware Downloaded Thousands of Times by Developers
2023-12-01
Large language models are reportedly hallucinating software package names, some of which are uploaded to public repositories and integrated into real code. One such package, huggingface-cli, was downloaded over 15,000 times. This behavior enables "slopsquatting," a term coined by Seth Michael Larson of the Python Software Foundation, where attackers register fake packages under AI-invented names and put supply chains at serious risk.
もっとインシデント 9502 Report
NullBulge's AI-Powered Malware Allegedly Compromises Disney Employee and Internal Data
2024-07-11
A Disney employee, Matthew Van Andel, reportedly downloaded AI-powered malware allegedly developed by the cybercriminal group NullBulge, resulting in a major cybersecurity breach. Hackers purportedly accessed Disney's Slack system, exposing 44 million internal messages, employee and customer data, and financial records. NullBulge also reportedly leaked Van Andel’s personal financial information, leading to identity theft and his eventual termination.
もっと