I'm guessing there's going to be a lot of unlisted web pages, functionally accessible to only their data scrapers, that describe all sorts of malicious junk, up to the including outright code injections that vibe coders will end up using in things like supply-chain attacks.

February 18, 2026 - 18:40 UTC

1
0
44
Oh that's almost certainly happened already
www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/
1
0
45
Lovely...and here I assumed that was more a database fluke where it pulled "do not use" code as usable rather than outright malicious injection.

And now I've just realized blackhats could do this to revert zero-day patches on any system with kernel level access (say Co-pilot).
0
0
9