Contributors: Ortal Keizman, Yair Divinsky In our research, we have discovered that attackers can easily use ChatGPT to help them spread malicious packages into developers’ environments. Given the widespread, rapid proliferation of AI tech for essentially every business use case, the nature of software supply chains, and the broad adoption of open-source code libraries, we… Continue reading Can you trust ChatGPT’s package recommendations?