Slopsquatting: AI Hallucinations as Supply Chain Attacks

One in five AI-generated code samples recommends a package that does not exist. Attackers are registering those phantom names on npm and PyPI with malware inside. The term for this is slopsquatting, and it is already happening. What Slopsquatting Actually Is Typosquatting bets on human misspellings. Slopsquatting bets on AI hallucinations. The term was coined by Seth Larson , Security Developer-in-Residence at the Python Software Foundation, to describe a specific attack: register the package names that LLMs consistently fabricate, then wait for developers to install them on an AI's recommendation. A USENIX Security 2025 study analyzed 576,000 code samples across 16 language models and found that roughly 20% recommended at least one non-existent package. The hallucinations fall into three categories. 51% are pure fabrications with no basis in reality. 38% are conflations of real packages mashed together (like express-mongoose ). 13% are typo variants of legitimate names. The part that

Slopsquatting: AI Hallucinations as Supply Chain Attacks

Related Articles

Understanding Data Structures: Why Do We Need Them?

How to Survive Daylight Saving Time: Start Early (2026)

Don’t Let Industry Jargon Cost You When Shopping for a Smart Bed

Why Your Code Is Slower Than Your Hardware (And What To Do About It)

How to Think Like a Modern Programmer (1/2)

Related Articles

How-To
Understanding Data Structures: Why Do We Need Them?
Medium Programming • 1h ago

How-To
How to Survive Daylight Saving Time: Start Early (2026)
Wired • 1h ago

How-To
Don’t Let Industry Jargon Cost You When Shopping for a Smart Bed
Wired • 1h ago

How-To
Why Your Code Is Slower Than Your Hardware (And What To Do About It)
Medium Programming • 3h ago

How-To
How to Think Like a Modern Programmer (1/2)
Medium Programming • 4h ago