# dependency-confusion
標記為「dependency-confusion」的 8 篇文章
AI-Generated Dependency Confusion
Exploiting LLM tendency to hallucinate package names for dependency confusion attacks.
Supply Chain Risks in AI Code Generation
Analysis of supply chain attack vectors introduced by AI code generation tools, including dependency confusion, typosquatting, and training data poisoning.
Training Data Attacks on Code Models
Poisoning training data for code generation models: inserting vulnerable patterns into popular repositories, dependency confusion via suggestions, and trojan code patterns.
AI Supply Chain Exploitation
Methodology for exploiting the AI/ML supply chain: model serialization RCE, dependency confusion, dataset poisoning, CI/CD injection, and container escape.
AI-Generated Dependency Confusion
利用ing LLM tendency to hallucinate package names for dependency confusion attacks.
Supply Chain Risks in AI Code Generation
Analysis of supply chain attack vectors introduced by AI code generation tools, including dependency confusion, typosquatting, and training data poisoning.
針對程式碼模型的訓練資料攻擊
對程式碼生成模型的訓練資料投毒:將漏洞模式植入熱門儲存庫、經由建議達成相依性混淆,以及特洛伊程式碼模式。
AI 供應鏈利用
為利用 AI/ML 供應鏈之方法論:模型序列化 RCE、依賴混淆、資料集投毒、CI/CD 注入與容器逃逸。