# dependency-confusion
4 articles tagged with “dependency-confusion”
- **AI-Generated Dependency Confusion**
  Exploiting the LLM tendency to hallucinate package names for dependency confusion attacks.
  Tags: code-gen, dependency-confusion, supply-chain, packages
- **Supply Chain Risks in AI Code Generation**
  Analysis of supply chain attack vectors introduced by AI code generation tools, including dependency confusion, typosquatting, and training data poisoning.
  Tags: code-gen-security, supply-chain, dependency-confusion, typosquatting
- **Training Data Attacks on Code Models**
  Poisoning training data for code generation models: inserting vulnerable patterns into popular repositories, dependency confusion via suggestions, and trojan code patterns.
  Tags: training-data-poisoning, code-models, trojan-code, dependency-confusion, supply-chain
- **AI Supply Chain Exploitation**
  Methodology for exploiting the AI/ML supply chain: model serialization RCE, dependency confusion, dataset poisoning, CI/CD injection, and container escape.
  Tags: supply-chain, pickle, serialization, rce, dependency-confusion, cicd, container-escape, huggingface