Andrew NesbittSlopsquatting – when an LLM hallucinates a non-existent package name, and a bad actor registers it maliciously. The AI brother of typosquatting.
Credit to @sethmlarson for the name
LanyBI don’t mean to ruin the party, but this attack technique is actually called “package hallucination” — a term and concept I introduced two years ago. I’ve published two research pieces on it, and it's now recognized as a resource under the OWASP Top 10 for LLMs, specifically under the "Misinformation" category. You can check out my latest work here:
https://www.lasso.security/blog/ai-package-hallucinations
Seth Larson@LanyB @andrewnez Nice! "Package hallucination" is a much better name, I honestly didn't expect the coining of something in a conversation to blow up so quickly :) Power of the internet I suppose, maybe we should get the Wikipedia page renamed to your phrasing so it's attributed properly (and so people don't have to say "slopsquatting" ever again)
Konstantin Weddige@sethmlarson @LanyB @andrewnez why choose one, if we can have both?
Package hallucination for the vulnerability (code with nonexisting, hallucinated dependencies) and slopsquatting for the exploit (the act of uploading packages matching these dependencies)?
This would be the way in which the terms make the most sense IMHO.