Malicious Open Source Library Analysis: llm-oracle and its Payload
Malware hidden in open source library packages are real. In this article, we analyse the malicious npm package llm-oracle.
Read the full articleYou might also wanna read
Supply Chain Attacks on Open-Source Software: Case Study of Malicious Pull Request Attempts
Just in the last 7 days, we've seen LiteLLM and axios impacted by supply chain attacks. Recently, I was chatting with Bereket Engida, the cr
OpenAnt: LLM-Powered Vulnerability Discovery Through Code Decomposition, Adversarial Verification, and Dynamic Testing
Knostic’s OpenAnt, the first (and leading!) open source LLM vulnerability discovery project is now also a paper pre-print on arxive. Paper:
Growing Threat of Malicious Attacks via Open-Source Packages
Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.

Security Risks of Malicious Backdoors in Large Language Models
LLM security is a critical risk for open-weight models. Learn how malicious backdoors are easily fine-tuned into AI agents to execute harmfu
pub.aimind.so·11mo agoOpen Source Projects Grapple with Accepting LLM-Generated Code Submissions
A number of projects have been struggling with the question of which submissions created by lar [...]
Open Source Project Considers Policy on LLM-Generated Contributions and Bug Reports
We've seen a slight uptick in pull-requests and bug reports which appear to be LLM-generated, so it's probably about time to come to a decis

Comments
Sign in to join the conversation.
No comments yet. Be the first.