Slopsquatting: How Attackers Exploit AI-Generated Package Names

AndyC 12 March 2026


TL;DR
AI coding assistants can hallucinate package names, creating phantom dependencies that don’t exist in official repositories.

[…Keep reading]

Report: Approximately 59K Additional Vulnerabilities Will Be Discovered in 2026

Report: Approximately 59K Additional Vulnerabilities Will Be Discovered in 2026

TL;DR
AI coding assistants can hallucinate package names, creating phantom dependencies that don’t exist in official repositories. Attackers exploit this predictable behavior through slopsquatting, which involves registering malicious packages with names that AI models commonly suggest. This emerging supply chain attack requires new detection approaches focused on behavioral analysis to complement existing security tools.

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Jake Milstein. Read the original post at: https://www.contrastsecurity.com/security-influencers/slopsquatting-how-attackers-exploit-ai-generated-package-names

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts

Tags: , , , , , , , , , , ,

More Stories

Post-Quantum Decentralized Policy Enforcement Points in MCP Node Clusters

Post-Quantum Decentralized Policy Enforcement Points in MCP Node Clusters

AndyC 12 March 2026
How stable are AI-driven workflows in high-stress environments

Passkeys at Scale: The Complete Enterprise Deployment Playbook 2026

AndyC 12 March 2026
How stable are AI-driven workflows in high-stress environments

Are DevOps teams supported by automated configurations

AndyC 12 March 2026
News alert: Qevlar AI raises M to turn security alerts into actionable defense insights across SOCs

News alert: Qevlar AI raises $30M to turn security alerts into actionable defense insights across SOCs

AndyC 12 March 2026
Anthropic announces think tank to examine AI’s effect on economy and society

Stryker Down! Iranians Hack the Healthcare Sector Technology Provider

AndyC 12 March 2026
BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations

USENIX Security ’25 (Enigma Track) – Digital Product Safety: Rejecting Software As Magic

AndyC 12 March 2026

You may have missed

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

Pro-Palestinian hacktivist group Handala targets Stryker in global disruption

AndyC 12 March 2026
BeatBanker malware targets Android users with banking Trojan and crypto miner

BeatBanker malware targets Android users with banking Trojan and crypto miner

AndyC 12 March 2026
Smashing Security podcast #458: How not to steal million from the US government

Smashing Security podcast #458: How not to steal $46 million from the US government

AndyC 12 March 2026
Post-Quantum Decentralized Policy Enforcement Points in MCP Node Clusters

Post-Quantum Decentralized Policy Enforcement Points in MCP Node Clusters

AndyC 12 March 2026
How stable are AI-driven workflows in high-stress environments

Passkeys at Scale: The Complete Enterprise Deployment Playbook 2026

AndyC 12 March 2026

Subscribe To InfoSec Today News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.