Hello, you are using an old browser that's unsafe and no longer supported. Please consider updating your browser to a newer version, or downloading a modern browser.

Global Accelerated Learning • Est. 1999
Glossary Term Slopsquatting

Training Camp • Cybersecurity Glossary

What is Slopsquatting?

Slopsquatting is a supply chain attack where adversaries register malicious packages matching dependency names hallucinated by AI coding assistants.

Glossary > Application & API Security > Slopsquatting

Understanding Slopsquatting

Slopsquatting is a software supply chain attack in which adversaries register malicious packages using names that AI coding assistants frequently hallucinate but that do not actually exist in package registries. When developers blindly install these fabricated dependency names suggested by an LLM, they unknowingly pull attacker-controlled code. The name blends "AI slop" with typosquatting, reflecting its reliance on consistent model hallucinations.

Learn More About Slopsquatting:

Ready to Get Certified?

Turn knowledge into credentials with our instructor-led cybersecurity boot camps.

View All Courses →