MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
reports
Search

Curl Battles Wave of AI-Generated False Vulnerability Reports

Wednesday May 7, 2025. 08:10 PM , from Slashdot
Curl Battles Wave of AI-Generated False Vulnerability Reports
The curl open source project is fighting against a flood of AI-generated false security reports. Daniel Stenberg, curl's original author and lead developer, declared on LinkedIn that they are 'effectively being DDoSed' by these submissions.

'We still have not seen a single valid security report done with AI help,' Stenberg wrote. This week alone, four AI-generated vulnerability reports arrived seeking reputation or bounties, ArsTechnica writes. One particularly frustrating May 4 report claiming 'stream dependency cycles in the HTTP/3 protocol stack' pushed Stenberg 'over the limit.' The submission referenced non-existent functions and failed to apply to current versions.

Some AI reports are comically obvious. One accidentally included its prompt instruction: 'and make it sound alarming.' Stenberg has asked HackerOne, which manages vulnerability reporting, for 'more tools to strike down this behavior.' He plans to ban reporters whose submissions are deemed 'AI slop.'

Read more of this story at Slashdot.
Read more at Slashdot
https://it.slashdot.org/story/25/05/07/1750249/curl-battles-wave-of-ai-generated-false-vulnerability...

Related News

reports AI-generated Christian persecution movie is exactly as bad as you'd expect BoingBoingMay 7
ai-generated curl bans “AI” security reports as Zuckerberg claims we’ll all have more “AI” friends than real ones OS NewsMay 7
stenberg Curl project founder snaps over deluge of time-sucking AI slop bug reports TheRegisterMay 7
vulnerability Signal Clone Used by Mike Waltz Pauses Service After Reports It Got Hacked Wired: Tech.May 5
are Apple Maps putting Long Island drivers at risk with false red light camera alerts BetaNewsMay 4
false Conservative activist sues Meta over AI's false claims about him BoingBoingMay 2
curl Dozens of YouTube Channels Are Showing AI-Generated Cartoon Gore and Fetish Content Wired: Tech.May 2
one AI-Generated Code Creates Major Security Risk Through 'Package Hallucinations' SlashdotApr 29
report Sydney Radio Station Secretly Used AI-Generated Host For 6 Months Without Disclosure SlashdotApr 25
security Waymo Reports 250,000 Paid Robotaxi Rides Per Week In US SlashdotApr 25
submissions CVE fallout: The splintering of the standard vulnerability tracking system has begun TheRegisterApr 18
battles Catanzaro: Dangerous arbitrary file read vulnerability in Yelp LWN.netApr 16
wave South Korea reports tech exports surged ahead of Trump tariffs TheRegisterApr 15
reports Vance doubles down on false 40% Social Security fraud claim — he's only off by a factor of 16,0000 BoingBoingApr 8
ai-generated Traditional vulnerability assessment falls short on third-party risks BetaNewsApr 8
stenberg Microsoft makes a browser-based, AI-generated version of Quake II to promote Copilot -- play it now! BetaNewsApr 7
vulnerability Microsoft's New AI-Generated Version of 'Quake 2' Now Playable Online SlashdotApr 6
are Dystopia for kids: this $249 stuffed dinosaur reports everything your child says back to you BoingBoingApr 3
false 95% of Code Will Be AI-Generated Within Five Years, Microsoft CTO Says SlashdotApr 2
curl Check Point confirms breach, but says it was 'old' data and crook made 'false' claims TheRegisterMar 31
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
May, Thu 8 - 21:09 CEST