Techly NewsGet the app

Get the latest tech news

AI Hallucinations Lead To a New Cyber Threat: Slopsquatting


Researchers have uncovered a new supply chain attack called Slopsquatting, where threat actors exploit hallucinated, non-existent package names generated by AI coding tools like GPT-4 and CodeLlama. These believable yet fake packages, representing almost 20% of the samples tested, can be registered ...

Researchers have uncovered a new supply chain attack called Slopsquatting, where threat actors exploit hallucinated, non-existent package names generated by AI coding tools like GPT-4 and CodeLlama. CSO Online reports: Slopsquatting, as researchers are calling it, is a term first coined by Seth Larson, a security developer-in-residence at Python Software Foundation (PSF), for its resemblance to the typosquatting technique. The study concluded that this persistence indicates "that the majority of hallucinations are not just random noise, but repeatable artifacts of how the models respond to certain prompts."

Get the Android app

Or read this on Slashdot

Read more on:

Photo of new cyber threat

new cyber threat

« Microsoft Implements Stricter Performance Management System With Two-Year Rehire Ban
Shopify must face data privacy lawsuit in US »