Tag: due diligence

  • Blind Trust in LLMs: How Hallucinated Packages Can Compromise Open-Source Projects

    Blind Trust in LLMs: How Hallucinated Packages Can Compromise Open-Source Projects

    kr1pt7c

    Large Language Models(LLMs) have become essential tools for software developers, helping them solve complex problems and even implement entire functionalities in some cases. However, while these models can accelerate development and streamline workflows, over-reliance on them comes with its own set of risks. A well-known flaw of LLMs is their…

  • Crypto Wallets Targetted Using Malicious PyPI Packages

    Crypto Wallets Targetted Using Malicious PyPI Packages

    kr1pt7c

    PyPI has long been used as a means of distributing malicious code masquerading as legitimate utilities by bad actors. Yehuda Gelb recently exposed one such operation, targeting users of prominent crypto-wallets such as Atomic, Metamask, Exodus, and many more, by uploading multiple packages within a short timeframe to the repository,…