惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
The Exploit Database - CXSecurity.com
F
Fortinet All Blogs
U
Unit 42
F
Full Disclosure
雷峰网
雷峰网
博客园 - 司徒正美
云风的 BLOG
云风的 BLOG
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
T
Tailwind CSS Blog
The Cloudflare Blog
Last Week in AI
Last Week in AI
罗磊的独立博客
D
DataBreaches.Net
C
Check Point Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
O
OpenAI News
C
CXSECURITY Database RSS Feed - CXSecurity.com
aimingoo的专栏
aimingoo的专栏
S
Security @ Cisco Blogs
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
S
SegmentFault 最新的问题
NISL@THU
NISL@THU
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
The Hacker News
The Hacker News
Webroot Blog
Webroot Blog
Security Latest
Security Latest
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Google DeepMind News
Google DeepMind News
酷 壳 – CoolShell
酷 壳 – CoolShell
N
News | PayPal Newsroom
P
Proofpoint News Feed
B
Blog RSS Feed
MongoDB | Blog
MongoDB | Blog
C
Cybersecurity and Infrastructure Security Agency CISA
N
News and Events Feed by Topic
Google Online Security Blog
Google Online Security Blog
H
Help Net Security
Spread Privacy
Spread Privacy
T
Threat Research - Cisco Blogs
GbyAI
GbyAI
I
Intezer
Application and Cybersecurity Blog
Application and Cybersecurity Blog
M
MIT News - Artificial intelligence
Vercel News
Vercel News
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
IT之家
IT之家
MyScale Blog
MyScale Blog
腾讯CDC

2024 Sonatype Blog

Request for Comments: CARE and Maven Central Q2 2026 Open Source Malware Index AI Is Forcing a New Open Source Security Model Vulnerability Prioritization Is Missing the AI-Era Point The Hidden National Security Threat Inside AI-Driven Software Miasma Returns: Leo Platform Compromise in npm The Rise of Collective Defense for Open Source Signal Over Noise: Reachability Analysis Is the Reality Check SCA Has Been Missing Software Security Has to Start at Assembly easy-day-js Targets Mastra, Dependency Attacks Grow Open Publishing, Commercial Scale Software Dependency Cooldowns Are a Symptom, Not a Strategy Atomic Arch npm Campaign Adds Malicious Dependency From SBOMs to AI BOMs: Why SPDX 3.0 Matters Mythos Found 10,000 Vulnerabilities. The Bigger Challenge Is Fixing Them New Shai-Hulud Miasma Wave Hits Hundreds of npm Packages Lazarus Group's Latest: Brandjacking Campaign on npm 5 Steps to Turn Your RMF Backlog Into a Continuous ATO: The CSRMC Migration Playbook The AI Race Is Becoming a Remediation Race Red Hat Cloud Services npm Packages Hijacked Inside a 176-Package npm Campaign Built to Beat Your Internal Dependencies AI Is Making Software Autonomous, and Governance Must Follow Your Outdated Repository Still Works, But It May Not Be Safe Hijacked npm Package Attempts to Deliver PolinRider-Linked RAT AppSec Tools Explained: SAST vs SCA vs DAST | Sonatype Managing Open Source Software Risks With the HeroDevs EOL Dashboard Shai-Hulud is Back: Maintainer Accounts Are Still the Soft Target Building Trusted AI Development With Kiro and Sonatype Guide How to Build a Software Supply Chain Security Playbook The Evolution of Open Source Malware: From Volume to Trust Abuse The Mythos AI Vulnerability Storm: What to Do Next Malicious PyTorch Lightning Packages Found on PyPI Why Developer Experience Is the Foundation of DevSecOps Success Open is Not Costless: Reclaiming Sustainable Infrastructure Q1 Updates in Nexus Repository: More Formats, Stronger Operations, and a Better Day-to-Day Experience Self-Propagating npm Malware Turns Trusted Packages Into Attack Paths The Time Is Now to Prepare for CRA Enforcement Sonatype Innovate: Real Peer Connections, Real Product Influence, Real Recognition Mythos and the AI Vulnerability Storm: Exploring the Control Point When AI Writes Code, Who Governs the Dependencies? Why Software Supply Chain Security Requires a New Playbook Q1 2026 Open Source Malware Index: Adaptive Attacks Exploit Trust Modernizing Nexus Repository: Moving Beyond OrientDB AI, DevSecOps, and the Future of Application Security: The Gartner® Report How Sonatype's Container Scanning Protects You From Zero-Days Axios Compromise on npm Introduces Hidden Malicious Package Is Your Repository Ready for What's Next? Autonomous Development and AI: Speed vs. Security Compromised litellm PyPI Package Delivers Multi-Stage Credential Stealer Golden Pull Requests: Automating Trusted Remediation Without Breaking Builds Sonatype Discovers Two Malicious npm Packages
Grounded Intelligence Ensures Safe AI Software Development
alinskens@sonatype.com (Aaron Linskens) · 2026-03-25 · via 2024 Sonatype Blog

One experience has become nearly universal as AI systems move deeper into software development, their confidence when they're wrong.

Modern LLMs can generate code, recommend fixes, and even suggest dependency upgrades. But they also routinely invent package names, versions, and upgrade paths that don't exist, and present them with total certainty. In environments where automation already operates at scale, this isn't just inconvenient. It's dangerous.

As part of our 2026 State of the Software Supply Chain report, Sonatype analyzed nearly 37,000 dependency upgrade recommendations generated by GPT-5 across major open source ecosystems. The results were striking: 27% of all recommendations were hallucinations. These were fabricated versions that couldn't be resolved, forcing teams to spend time validating outputs, fixing broken builds, and reworking AI-generated suggestions.

Making AI Software Development Safe at Machine Scale

This year, we expanded the research and evaluated a new generation of frontier models, including Claude Sonnet 3.7 and 4.5, Claude Opus 4.6, Gemini 2.5 Pro and 3 Pro, GPT-5, GPT-5.2, and GPT-5 Nano to find out if newer, larger models are actually making safer dependency decisions.

And, we introduced real-time intelligence into the process, including:

  • Live package registries.

  • Current vulnerability data.

  • Compatibility and breaking change analysis.

With that grounding layer in place, hallucinations disappeared across the entire dataset.

For a comprehensive look at this new research, read the whitepaper, Making AI Software Development Safe at Machine Scale.

Models Are Getting More Cautious, Not Smarter

Newer models are improving, with hallucination rates dropping significantly from earlier generations. But even the best ungrounded systems still hallucinate about 1 in 16 recommendations.

At scale, this presents a serious reliability issue. The latest generation of models didn't learn which versions actually exist. Instead, they learned to stop guessing when uncertain. "No change" recommendations nearly doubled, and about 1 in 3 components now receive a same-version recommendation.

On the surface, this looks like progress, but it introduces inaction, which is a different kind of risk.

The Tradeoff of Guessing vs. Inaction

Without access to real-time data, models face the choice of guessing and risking hallucinating a non-existent version, or doing nothing and preserving whatever risk already exists. Newer models increasingly choose the second option, but "do nothing" is not neutral.

If a dependency contains known vulnerabilities, a same-version recommendation locks that exposure in place. Over time, this leads to accumulated technical debt and persistent security risk.

Both are symptoms of the same underlying issue: reasoning without the data required to make correct decisions.

The Grounding Gap

This extended research makes it clear that the problem is an intelligence gap. When models operate without access to live package registries, current vulnerability data, and breaking change analysis, they hit a ceiling. They can either guess or abstain, but they can't reliably choose the safest upgrade path.

But when real-time intelligence is introduced, the results change dramatically. A hybrid approach with Sonatype Guide at the center that combines model reasoning with real-time software supply chain intelligence eliminates hallucinations, reduces critical and high vulnerability exposure by up to 70%, and consistently outperforms even the largest ungrounded models.

Ungrounded models show significant variability (10,830–14,325 vulnerabilities), driven by differences in model quality and how recently they were trained. In contrast, the gains from grounding are consistently strong across all models. This reliability allows organizations to use older, more cost-effective models without compromising their ability to identify safe, high-quality dependencies and stay within AI budgets.

Stronger detection of malicious components and open source malware enhances overall resilience and reinforces market leadership. Meanwhile, developers can shift their focus away from avoidable fixes and toward building differentiated, high-impact features.

What This Means for AI-Assisted Development

Model improvements alone won't solve this problem. Scaling parameters, refreshing training data, or switching vendors does not close the gap. Across providers and model generations, the same pattern emerges: ungrounded systems converge on the same limitations.

AI can accelerate development, but without grounding in real-time intelligence, it cannot make safe dependency decisions. Download our latest research, including an in-depth exploration of our methodologies.

Tags