Well, obviously. A ton of the code its been "trained" on is copy/paste from Stack Overflow by jeets or something.
Archive: https://archive.today/CMnrD
From the post:
>Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found. Its study of more than 100 large language models across 80 different coding tasks revealed no improvement in security across newer or larger models – an alarming reality for companies that rely on AI tools to back up, or even replace, human productivity. Java was found to be the worst affected, with 70%+ failure rate, but Python, C# and JavaScript also had failure rates of 38-45%.
Well, obviously. A ton of the code its been "trained" on is copy/paste from Stack Overflow by jeets or something.
Archive: https://archive.today/CMnrD
From the post:
>>Nearly half (45%) of AI-generated code contains security flaws despite appearing production-ready, new research from Veracode has found.
Its study of more than 100 large language models across 80 different coding tasks revealed no improvement in security across newer or larger models – an alarming reality for companies that rely on AI tools to back up, or even replace, human productivity.
Java was found to be the worst affected, with 70%+ failure rate, but Python, C# and JavaScript also had failure rates of 38-45%.
(post is archived)