JonChesterfield 3 days ago
AI detected potential malware. Plus a bunch of words. Is this a real thing? It does look like all the other npm compromise notes. But the page has AI and potential written on it, so the whole thing may be fabricated, and there are no other comments here. So on balance I guess I'll ignore it. What a time to be a developer.
feross 3 days ago
Founder of socket.dev here. "AI detected potential malware" is what we call the alerts generated by our automated malware detection engine that runs on all newly published open source packages in real-time. However, these alerts are reviewed by our threat research team and once a human has confirmed the finding, we upgrade it to "Known malware". At this point (given we just published research about this) we've upgraded this threat to Known malware.

So in short:
- "AI detected potential malware" = automated system found something suspicious
- "Known malware" = human confirmed it's real

The wording is intentional because not every automated hit ends up being true malware. It's better to give developers early visibility into possible threats, even if they turn out to be benign, than to miss a real attack.
seanieb 3 days ago
socket.dev is a well known and reputable company, and their founder is pretty well known and trusted too. And looking at their blog post, it looks like they detected a real attack.
ATechGuy 3 days ago
Speculating based on another post: "...our investors are pushing us hard to frame it as AI..."