slopsquatting

Exploiting hallucinated package names represents a form of typosquatting, where variations or misspellings of common terms are used to dupe people. Seth Michael Larson, security developer-in-residence at the Python Software Foundation, has dubbed it "slopsquatting" – "slop" being a common pejorative for AI model output.

LLMs can't stop making up software dependencies and sabotaging everything Thomas Claburn 2025

Slopsquatting -- when an LLM hallucinates a non-existent package name, and a bad actor registers it maliciously.

Wordnik Society Mail - CaMeL offers a promising new direction for mitigating prompt injection attacks 2025

Slopsquatting -- when an LLM hallucinates a non-existent package name, and a bad actor registers it maliciously.

Wordnik Society Mail - CaMeL offers a promising new direction for mitigating prompt injection attacks 2025

This creates a vulnerability for AI-assisted code, called "slopsquatting," whereby an attacker predicts the names of libraries AIs are apt to hallucinate and creates libraries with those names, libraries that do what you would expect they'd do, but also inject malicious code into every program that incorporates them

Pluralistic: AI software assistants make the hardest kinds of bugs to spot (04 Aug 2025) – Pluralistic: Daily links from Cory Doctorow Cory Doctorow 2025