3 comments

[ 2.9 ms ] story [ 20.6 ms ] thread
(comment deleted)
It seems like a natural response to using AI for package spoofing is to use AI to look for malware in each release of each package. It's a red queen's race, so we'll never win, but we lose if we don't run.