AI Hallucinations Create “Slopsquatting” Supply Chain Threat Experts have warned that threat actors could hijack AI hallucinations in “slopsquatting” attacks

We've got the wonder that is #SlopSquatting as a new supply chain attack method. Which honestly, for software development in academic institutions that are HEAVILY pushing #AI services, makes me want to ban these things from our systems.
www.infosecurity-magazine.com/news/ai-hall...

The image is promoting Scratch News Australia, scratchnews.io People sit in front of a glass window looking at a plane is parked at the Melbourne Domestic Airport, Australia. The front of the plane has Scratch News Australia branding, the tail and wingtips are an indigenous dot pattern using the colours of the Australian outback. Scratch News Australia acknowledges the Traditional Custodians of Country throughout Australia and their connections to land, sea and community. We pay respect to their Elders past and present and extends that respect to all Aboriginal and Torres Strait Islander peoples today. Refer to the Scratch News Frequently Asked Questions regarding social media artwork.

Available everywhere you go

👉 scratchnews.io

🧯 AI Hype Fueled Dumpster Fire
💔 LinkedIn Worse Than Facebook
🤡 #Slopsquatting & #AI Hallucinations
🍺 Australia's Richest Plot Tech Reboot
👾 30 Mins To Copy Your #Online #Business
🦄 #Tasmanian #Startup Firmus Valued $1.9B

#Australia #NZ #tech #news

Фантазии LLM воплощаются в реальности — фальшивые опенсорсные библиотеки LLM придумывает названия несуществ...

#llm #галлюцинации #slopsquatting #генерация #кода #фальшивки

Origin | Interest | Match

Фантазии LLM воплощаются в реальности — фальшивые опенсорсные библиотеки

Фантазии LLM воплощаются в реальности — фальшивые опенсорсные библиотеки Использование галлюцинаций LLM для...

#llm #slopsquatting #галлюцинации #генерация #кода #фальшивки

Origin | Interest | Match

Cybersecurity Today: 1,000 Developers Compromised By NX Build System Breach Cybersecurity Today: Major Attacks on NX Build System, Sitecore, and Salesforce In this episode, David Shipley covers a string of significant cybersecurity breaches and vulnerabilities. Highlights inc...

#SlopSquatting is a term I'm claiming I coined last year, where AI-generated package references can be hijacked with ease to exploit users.

#CyberSecurity Today

cybersecuritytoday.libsyn.com/1000-develop...

Podcast file: traffic.libsyn.com/secure/cyber...

Slopsquatting: A new form of AI cybersquatting has emerged! – DomainGang Slopsquatting: A new form of AI cybersquatting has emerged!

Slopsquatting: A new form of AI #cybersquatting has emerged! 🤖 domaingang.com/domain-news/... #AI #Slopsquatting

Slopsquatting: nabbing nonexistent names AI chatbots likely to hallucinate hatbots often hallucinate names, titles, software packages and of course domains to fill up the bucket

#Slopsquatting: nabbing nonexistent names AI chatbots likely to hallucinate - boingboing.net/2025/08/06/s...

Original post on graz.social

"#Slopsquatting is a type of #cybersquatting. It is the practice of registering a non-existent software package name that a large language model (#LLM) may hallucinate in its output, whereby someone unknowingly may copy-paste and install the #software package without realizing it is #fake." […]

Original post on social.tchncs.de

Ok, ich lass mich mal zu einer #Prophezeiung hinreißen.

#Slopsquatting ist ja ein alter Hut.

Aber was haltet ihr von #Slopswatting? Also das gezielte Platzieren von Falschinfos im Internet, sodass AI-aided Policing-Systeme kunkludieren, dass eine bestimmte Person ein ganz gefährlicher […]

📢 AI coding tools are creating silent vulnerabilities through "slopsquatting"—where attackers register package names hallucinated by AI.
This attack vector “exploits vibecoding" & targets less technical developers. 

#AISecurityRisks #Slopsquatting #VibeCoding

www.lotharschulz.info/2025/05/12/t...

"Slopsquatting": quand l'IA générative déroule le tapis rouge aux hackers La génération de code avec l'IA n'est pas sans risque puisqu'elle peut créer des failles facilement exploitables. Le "slopsquatting" permet d'exploiter des lignes de codes inventées par l'IA.

#Cybersécurité " #Slopsquatting": quand l' #IAgénérative déroule le tapis rouge aux hackers
www.bfmtv.com/tech/cyberse...

Three Ways AI Can Weaken Your Cybersecurity Even before generative AI arrived on the scene, compa...

www.hpcwire.com/2025/05/01/three-ways-ai...

#Features #data #poisoning #Lasso #Security #prompt #injection #Slopsquatting

Result Details

Three Ways AI Can Weaken Your Cybersecurity Even before generative AI arrived on the scene, compa...

www.bigdatawire.com/2025/04/25/three-ways-ai...

#Features #data #poisoning #Lasso #Security #prompt #injection #Slopsquatting

Result Details

Les hallucinations de l'IA conduisent à une nouvelle cybermenace : le Slopsquatting~? les développeurs Une nouvelle catégorie d'attaques contre la chaîne d'approvisionnement, appelée « slopsquatting », est née de l'utilisation accrue d'outils d'IA générative pour le codage et de la tendance du modèle…

Les hallucinations de l' #IA conduisent à une nouvelle cybermenace : le #Slopsquatting les développeurs intelligence-artificielle.developpez.com/actu/371266/...

🚨 #Slopsquatting, the new #AI-driven supply chain threat

Researchers identified a novel #cybersecurity risk where AI-generated code suggests non-existent software packages.

Read more: www.securityweek.com/ai-hallucina...

Slopsquatting : quand l’IA invente des paquets et ouvre la voie aux pirates Slopsquatting : découvrez comment l’IA invente de faux paquets dans le code et pourquoi cela représente une menace sérieuse pour la chaîne logicielle.

🤖 Slopsquatting : quand l’IA invente des paquets et ouvre la voie aux pirates

👉 www.justgeek.fr/slopsquattin...

#Slopsquatting #IA #AI #Piratage

Contrairement à ce que dit l'article, le SLOP de #Slopsquatting ne fait pas référence à "bavure" mais à "sloppy" (flemmard) en l'occurrence pour des codeurs trop flemmards pour vérifier le code (souvent buggé) généré par l'IA. Ce qui permet à d'autres d'en profiter.

🚨 Beware of Slopsquatting! This sneaky tactic tricks coders with fake package names—20% of samples are fakes! 🦠🔍 How do you vet your dependencies? Share your tips! #CyberSecurity #AI #Slopsquatting LINK

AI Hallucinations Lead To a New Cyber Threat: Slopsquatting Researchers have uncovered a new supply chain attack called Slopsquatting, where threat actors exploit hallucinated, non-existent package names generated by AI coding tools like GPT-4 and CodeLlama. These...

AI Hallucinations Lead To a New Cyber Threat: Slopsquatting #Technology #Cybersecurity #AIThreats #Slopsquatting

AI Hallucinations Lead To a New Cyber Threat: Slopsquatting - Slashdot Researchers have uncovered a new supply chain attack called Slopsquatting, where threat actors exploit hallucinated, non-existent package names generated by AI coding tools like GPT-4 and CodeLlama. These believable yet fake packages, representing almost 20% of the samples tested, can be registered ...

AI dreams up fake code packages! 🤯 Attackers exploit these “hallucinations” to sneak in malware. Is your code safe? ⚠️ #Slopsquatting

Source: it.slashdot.org/story/25/04/22/0118200/a...

"Slopsquatting" attacks are using AI-hallucinated names resembling popular libraries to spread malware AI doesn't always hallucinate a different open source package, and this error can be mapped out

"Slopsquatting" - what an inventive name for an industrious way of stealing your data.

Who comes up with this stuff?

#ai #llm #slopsquatting (?)

www.techradar.com/pro/security...

AI hallucinations lead to a new cyber threat: Slopsquatting Attackers can weaponize and distribute a large number of packages recommended by AI models that don’t really exist.

On "slopsquatting", software supply chain attacks and the need to introduce clear policies and controls when using AI capabilities in your DevOps processes
www.csoonline.com/article/3961... #cybersecurity #AIHallucination #DevOps #Slopsquatting #FakePackageDeoendencies #SupplyChainAttack

AI code suggestions sabotage software supply chain : Hallucinated package names fuel 'slopsquatting'

LLMs can't stop making up software dependencies and sabotaging everything
www.theregister.com/2025/04/12/a...

#AI code generation tools reshaping how devs write software + introducing new risks to software supply chain.
#CyberSecurity #InfoSec #ArtificialIntelligence #Slopsquatting #LLM

La Nueva Amenaza en la Cadena de Suministro Slopsquatting y los riesgos de las Alucinaciones de Inteligencia Artificial - CIBERNINJAS La creciente popularidad de las herramientas de IA generativa para la programación ha dado lugar a una nueva clase de ataques a la cadena de suministro

🚨 La Nueva Amenaza en la Cadena de Suministro Slopsquatting y los riesgos de las Alucinaciones de Inteligencia Artificial ciberninjas.com/nueva-amenza...

#Ciberseguridad #Slopsquatting #CadenaDeSuministro #IA #CiberRiesgos #CiberAmenazas #InteligenciaArtificial #Ciberdefensa

Slopsquatting: Jeder fünfte KI-Codeschnipsel enthält erfundene Bibliotheken Sicherheitsforscher sehen in KI-generiertem Code eine neue potenzielle Gefahr für Software-Lieferketten, ausgelöst durch "Slopsquatting".

Generative KI-Modelle erfinden bei der Codegenerierung Bibliotheken.

Diese Paketnamen klingen oft plausibel. Entwickler, die KI-generierten Code übernehmen, könnten versuchen, solche Pakete zu installieren. Angreifer könnten das gezielt nutzen.

#Slopsquatting

the-decoder.de/slopsquattin...

We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs The reliance of popular programming languages such as Python and JavaScript on centralized package repositories and open-source software, combined with the emergence of code-generating Large Language ...

🚨 Nouveau risque sécurité : le #slopsquatting !

Les LLM hallucinent des paquets *inexistants* → 20% des recos sont fictives (étude 2025).

🔍 Attaque : Enregistrer ces noms pour piéger les devs
💡 Risque accru avec le #VibeCoding
#DevSecOps #IA #CyberSecurity

🔗 Étude : arxiv.org/abs/2406.10279

😂 That's funny af!
#LLM #malware #slopsquatting

The Rise of Slopsquatting: How AI Hallucinations Are Fueling... Slopsquatting is a new supply chain threat where AI-assisted code generators recommend hallucinated packages that attackers register and weaponize.

Study of code generating AIs shows that 19.7% or packages they recommend don't exist (with a wide variance). Hallucinations are mostly persistant run to run. So bad guys can create fake package names hallucinated by AI and trick users to install them. #AI #slopsquatting socket.dev/blog/slopsqu...