In this video, we explore AI package Hallucination. This threat is a result of AI generation tools hallucinating open-source packages or libraries that don't exist. In this video, we explore why this happens and show a demo of ChatGPT creating multiple packages that don't exist. We also explain why this is a prominent threat and how malicious hackers could harness this new vulnerability for evil. It is the next evolution of Typo Squatting. Introduction: 0:00 What is AI package Hallucination: 0:12 Sacrifice to the YouTube Gods: 0:33 How AI models find relationships: 0:45 Lawyer uses hallucinated legal cases: 1:18 How we use open-source packages: 1:39 How ChatGPT promotes packages: 2:17 Example of AI Package Hallucination: 2:51 Why is package hallucination a security risk: 3:46 How many packages are hallucinated? 5:37 Protection measures against AI Package Hallucination: 6:18