Comment by Legend2440
4 days ago
Agreed. This is a standard supply chain attack that has little to do with AI except that it is written in the 'english-as-a-scripting-language' that LLMs execute.
Every repository is vulnerable to this kind of attack, and pip/npm have been attacked in many times in similar ways.
No comments yet
Contribute on Hacker News ↗