According to a new report from VentureBeat, security experts are warning about "slopsquatting" — a dangerous new software supply chain threat emerging from the widespread adoption of AI coding assistants. Attackers exploit the tendency of large language models (LLMs) to hallucinate and generate fictitious software package names. Once cybercriminals identify these hallucinated package names, they register them on public repositories and populate them with malicious code, waiting for developers to unknowingly integrate them into their codebases.
Detailed Developments
The term "slopsquatting" combines "AI slop" and "typosquatting" (the practice of registering misspelled domain names). Instead of relying on manual typos of popular libraries as in classic attacks, hackers now exploit the logical flaws of AI. When developers ask AI to write code, the model may suggest plausible-sounding dependency packages that do not actually exist. According to empirical research, if malicious actors preemptively register these names on open-source registries, their malware can easily slip into enterprise codebases without triggering traditional typosquatting defense mechanisms.
Technical & Technology Analysis
At its core, the issue stems from the fact that LLMs predict the statistically most likely words rather than prioritizing factual accuracy. Studies show that model hallucination rates range from 50% to 82%. Even proprietary models like GPT-4o maintain a minimum hallucination rate of 23% despite prompting mitigations. Notably, open-source models are roughly four times more vulnerable than proprietary ones. In a test involving 576,000 code samples, GPT-4.0 Turbo had a package hallucination rate of 3.59%, while DeepSeek 1B (the best-performing open model in the test) reached 13.63%.
Expert Opinions & Insights
Security experts emphasize that these types of vulnerabilities can remain undetected in production environments for months or even years. Statistics from a research team indicate that reported software vulnerabilities are increasing at an annual rate of 98%, far outpacing the 25% annual growth of new open-source packages. This suggests that software security is declining as developers place too much trust in AI. The trend of "vibe coding" (coding guided heavily by AI) further expands the attack surface, with over 40% of committed code now featuring AI assistance.
Impact & Future
This trend poses a major challenge for the global tech community and Vietnamese developers alike. To mitigate risks, development teams must shift their testing habits. Implementing automated validation of package names before installation is crucial. Users should not blindly trust AI assistant recommendations and must double-check packages against official registries like npm or PyPI to avoid falling victim to slopsquatting.