Agents
HalluSquatting weaponizes LLM hallucinations to push botnet malware into agents
HalluSquatting, detailed in July 2026, is a new attack that pre-registers the fake package or repo names an agent is statistically likely to invent, so when a coding assistant hallucinates a dependency it installs attacker-controlled botnet malware. Unlike prompt injection it needs no direct access to the target — the attacker just anticipates the model's errors and waits. It turns 'slopsquatting' into an active, agent-targeted supply-chain threat for any autonomous tool that resolves package names.
↳ Follow the thread