AI code tools often hallucinate fake packages, creating a new threat called slopsquatting that attackers can exploit in public code repositories, a new study finds.

The study, by researchers from the University of Texas at San Antonio, the University of Oklahoma, and Virginia Tech, has shown that AI tools designed to write computer code frequently make up software package names, a problem called “package hallucinations.” The tools recommend convincing-sounding but non-existent software packages, which can mislead developers into believing the packages are real and potentially push them to search for the non-existent packages on public code repositories.
Source: HackRead