You already know about cybersquatting, so here comes slopsquatting.
Slopsquatting is a newly emerging supply chain attack that preys on AI code-generation tools’ tendency to hallucinate non-existent software package names.
When a large language model (LLM) suggests a fictitious software library, attackers who’ve already registered that exact name can supply malicious code. Developers who blindly trust and install the AI-recommended package can unwittingly import malware directly into their projects, mirroring how a cybersquatter profits when an unsuspecting user ends up at their domain name.
In other words, slopsquatting is just like cybersquatting reborn for the era of AI code generation, substituting package registries for domain registrars and AI hallucinations for typographical mistakes.
Vibe-coding, anyone?
The matching .com domain, Slopsquatting.com, was registered in April, as the term is very new. Other TLDs are available to register, however, in case you wanted to “cybersquat” on the slopsquatting keyword. 😉
Copyright © 2025 DomainGang.com · All Rights Reserved.
