AI-Driven Hallucinations in Cyber Supply Chain Lead to New Threat: Slopsquatting
August 25, 2025
As public use of generative AI tools becomes more widespread, cybersecurity professionals, developers, and enterprise leaders have identified a new attack technique called slopsquatting as a threat within the cyber supply chain risk management (C-SCRM) system.
What is Slopsquatting?
The term is a twist on typosquatting, a common tactic where attackers register and exploit misspelled versions of popular software packages. Slopsquatting is a form of supply chain attack that exploits so-called “hallucinations” in AI-generated code, where the AI confidently suggests a dependency or package name that does not exist. Attackers take advantage of these false recommendations to introduce malicious software into trusted environments, typically by registering the hallucinated name as a real package or repository that appears legitimate.
If a developer trusts the AI’s suggestion and unknowingly installs one of these packages, they could introduce malware into their application. This malware might steal credentials and data or create backdoors for future attacks. Once embedded, the malicious code can spread through the software supply chain, affecting downstream users, systems, and even other companies.
A recent study by researchers from the University of Texas at San Antonio, Virginia Tech, and the University of Oklahoma tested 16 popular code-generating AI models across Python and JavaScript. They found that nearly 20% of the 756,000 code samples generated included hallucinated package names.
Why are Software Supply Chains Uniquely Vulnerable?
Modern software development relies heavily on open-source libraries and third-party packages that are often automated into tool chains for ease of deployment. These dependencies are often nested, meaning a single malicious package can affect multiple applications. According to a GitHub study, more than 97% of developers have used AI coding tools at least once. When AI tools hallucinate dependencies, they create a perfect entry point for attackers to insert malicious code into trusted ecosystems.
Software supply chains are already complex and vulnerable. Slopsquatting adds a new layer of risk that’s difficult to detect and easy to exploit. This is especially concerning for industries like finance, healthcare, and defense, where software integrity is critical. A single compromised package could lead to data breaches, service outages, or even national security risks depending on the system and data being exploited.
How Can Organizations Protect Against Slopsquatting Risks?
According to the NIST Special Publication 800-161, federal agencies should implement cyber risk management practices that align with an organization’s existing framework and “activities for risk management include cataloging current systems and business practices, surveying systems for vulnerabilities, and developing processes to mitigate those vulnerabilities on an ongoing basis.”
This multi-layered strategy is a best practice for other organizations too. Developers must be trained to validate all package names and sources before installation, particularly those suggested by AI tools. Automated tools can help by checking dependencies against the package index and flagging names that do not exist, were registered only recently, or closely resemble known hallucinated names. Companies deploying code-generating AI models should also audit their outputs and implement safeguards to detect and flag non-existent dependencies before they reach an install step.
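The pre-install check described above, as an added example that is not code from the original article: it reads a requirements-style list of AI-suggested dependencies and flags any package that is absent from the index, was registered more recently than a minimum age, or is not on an internal allow-list. The index metadata, allow-list, package names and dates are all constructed for the example; a real tool would fetch first-release dates from the registry instead.

```python
"""Flag AI-suggested dependencies that do not exist, were registered only
recently, or are not on the organisation's approved list (constructed data)."""
import re
from datetime import date

# Constructed stand-in for package-index metadata (first-release date per
# project). A real tool would fetch this from the registry's API.
FAKE_INDEX = {
    "requests": date(2011, 2, 14),
    "colorama": date(2010, 1, 1),
    "flask-jwt-tools": date(2025, 8, 20),   # registered days ago: suspicious
}
# Constructed internal allow-list of packages the organisation has vetted.
ALLOWLIST = {"requests"}

# Captures the project name at the start of a line such as "Requests==2.31.0".
_REQ_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")

def normalize(name: str) -> str:
    """PEP 503 normalisation: lower-case, runs of '-', '_' or '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_requirements(text: str) -> list[str]:
    """Return normalised package names from requirements.txt-style text."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments and blanks
        if not line or line.startswith("-"):      # skip options such as -r / -e
            continue
        m = _REQ_NAME.match(line)
        if m:
            names.append(normalize(m.group(1)))
    return names

def flag_dependencies(text, index=FAKE_INDEX, allowlist=ALLOWLIST,
                      today=date(2025, 8, 25), min_age_days=30):
    """Return {name: reason} for every dependency that should block install."""
    findings = {}
    for name in parse_requirements(text):
        if name not in index:
            findings[name] = "not-in-index (possible hallucination)"
        elif (today - index[name]).days < min_age_days:
            findings[name] = "registered-recently (possible slopsquat)"
        elif name not in allowlist:
            findings[name] = "not-on-allowlist (needs review)"
    return findings

if __name__ == "__main__":
    SAMPLE = "Requests==2.31.0\nflask_jwt_tools\nai-secure-utils  # from assistant\n"
    for pkg, why in flag_dependencies(SAMPLE).items():
        print(f"{pkg}: {why}")
```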
Finally, as is always the case in cybersecurity, education is key. Security teams, developers, and supply chain managers must be equipped with the knowledge to recognize and respond to these emerging threats.
Cybersecurity Education at Capitol Tech
As AI becomes a core part of software development, professionals in cybersecurity, AI engineering, and supply chain management must work together to understand and mitigate risks like slopsquatting.
Capitol Technology University’s programs in Cybersecurity, Artificial Intelligence, and Supply Chain Management are uniquely designed to meet these emerging challenges and train students to take the lead in this evolving technology landscape.