Informal discussion on 'slopsquatting' and package hallucination attacks

September 22, 2025

“Slopsquatting,” a term coined earlier this year (“AI slop” + “typosquatting”), describes an attack in which adversaries register, under the name of a non-existent package that an AI coding assistant has suggested (a “package hallucination”), a real package containing malicious code.
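As an added example (not part of the original post or the paper it discusses), the defensive check below audits a list of AI-suggested dependencies against a trusted package index before anything is installed. The `KNOWN_PACKAGES` set is a constructed stand-in for a real lockfile, allowlist or internal mirror index, the sample requirements are constructed (two of the names are made up), and the 0.8 similarity threshold is an arbitrary assumption; the point is to surface names that do not exist in the trusted index, and to flag those that are near-misses of names that do.

```python
"""Audit AI-suggested dependencies against a trusted package index.

Constructed example for illustration; the index and the requirements
are made up and the similarity threshold is an assumption.
"""
import re
from difflib import SequenceMatcher

# Constructed stand-in for a trusted index: in practice this would be your
# lockfile, an internal mirror's package list, or an explicit allowlist.
KNOWN_PACKAGES = {"requests", "numpy", "pandas", "cryptography", "flask", "pyyaml"}

# Constructed sample of assistant-suggested dependencies; the last two are made up.
SUGGESTED_REQUIREMENTS = """\
requests>=2.31
numpy==1.26.0
fastjsonparser        # constructed: not present in the index above
requets               # constructed: one-character near-miss of 'requests'
"""

# Leading distribution name on a requirements-style line (before any specifier).
_NAME = re.compile(r"^\s*([A-Za-z0-9][A-Za-z0-9._-]*)")


def normalize(name: str) -> str:
    """Normalize a distribution name the way PyPI does (PEP 503)."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_requirements(text: str) -> list[str]:
    """Extract normalized package names from requirements-style lines."""
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        match = _NAME.match(line)
        if match:
            names.append(normalize(match.group(1)))
    return names


def audit(names, known, threshold: float = 0.8) -> dict:
    """Classify each name as known, unknown, or unknown-but-lookalike.

    A lookalike is an unknown name whose closest known name scores at or
    above `threshold` on difflib's similarity ratio; it deserves a second
    look because it may be a hallucinated or mistyped variant of a real one.
    """
    known_norm = {normalize(k) for k in known}
    result = {"known": set(), "unknown": set(), "lookalike": {}}
    for name in names:
        if name in known_norm:
            result["known"].add(name)
            continue
        result["unknown"].add(name)
        best, score = None, 0.0
        for candidate in known_norm:
            ratio = SequenceMatcher(None, name, candidate).ratio()
            if ratio > score:
                best, score = candidate, ratio
        if best is not None and score >= threshold:
            result["lookalike"][name] = best
    return result


def audit_text(text: str, known=KNOWN_PACKAGES) -> dict:
    """Convenience wrapper: parse a requirements string and audit it."""
    return audit(parse_requirements(text), known)


if __name__ == "__main__":
    report = audit_text(SUGGESTED_REQUIREMENTS)
    for name in sorted(report["unknown"]):
        hint = report["lookalike"].get(name)
        note = f" (near-miss of '{hint}')" if hint else ""
        print(f"UNKNOWN: {name}{note}")
```

Unknown names are the ones to hold back from installation until a human confirms they exist and are the intended dependency; in a CI pipeline the same check can run against the real registry or an internal mirror instead of the constructed set used here.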

Today’s seminar will be based on this paper from USENIX last month (it got a best paper award!): We Have a Package for You! A Comprehensive Analysis of Package Hallucinations by Code Generating LLMs by Spracklen et al. A shorter version of the paper in article format is also available here.

At the beginning of the seminar we will give a short presentation on the paper, covering the vulnerability and the attack mechanism, which will lead into a broader discussion about organizational and socio-technical consequences/mitigations.