Navigation
Search
|
Curl Battles Wave of AI-Generated False Vulnerability Reports
Wednesday May 7, 2025. 08:10 PM , from Slashdot
![]() 'We still have not seen a single valid security report done with AI help,' Stenberg wrote. This week alone, four AI-generated vulnerability reports arrived seeking reputation or bounties, ArsTechnica writes. One particularly frustrating May 4 report claiming 'stream dependency cycles in the HTTP/3 protocol stack' pushed Stenberg 'over the limit.' The submission referenced non-existent functions and failed to apply to current versions. Some AI reports are comically obvious. One accidentally included its prompt instruction: 'and make it sound alarming.' Stenberg has asked HackerOne, which manages vulnerability reporting, for 'more tools to strike down this behavior.' He plans to ban reporters whose submissions are deemed 'AI slop.' Read more of this story at Slashdot.
https://it.slashdot.org/story/25/05/07/1750249/curl-battles-wave-of-ai-generated-false-vulnerability...
Related News |
25 sources
Current Date
May, Thu 8 - 21:09 CEST
|