HFuzzer: Testing Large Language Models for Package Hallucinations Via Phrase-Based Fuzzing
Large Language Models LLMs are widely used for code generation, but they face critical security risks when applied to practical production due to package hallucinations, in which LLMs recommend non-existent packages. These hallucinations can be exploited in software supply chain attacks, where...