This problem is very serious since AI’s are often trained on Github projects. This means your AI generated code is increasingly more likely to have serious security issues in it.

GitHub is undergoing automated attacks involving the cloning and creation of huge numbers of malicious code repositories, and while the developers have been working to remove the affected repos, a significant amount are said to survive, with more uploaded on a regular basis.

An unknown attacker has managed to create and deploy an automated process that forks and clones existing repositories, adding its own malicious code which is concealed under seven layers of obfuscation.

Given the current scale of the attack, said by the researchers to be in the millions of uploaded or forked repositories, even a 1% miss-rate still means potentially thousands of compromised repos still on the site.

Articles:

• https://www.pcgamer.com/software/security/github-is-under-automated-attack-by-millions-of-cloned-repositories-filled-with-malicious-code/
• https://arstechnica.com/security/2024/02/github-besieged-by-millions-of-malicious-repositories-in-ongoing-attack/