Hunter Perrin
@hperrin@port87.social
I run SciActive, Inc. and Port87.
Port87 Mail is email with powerful organization and anti-spam features, https://port87.com
I created Svelte Material UI, https://sveltematerialui.com
I created Nymph.js, https://nymph.io
I am an advocate for LGBTQ rights and leftist politics, https://twitch.tv/SylphWeed
port87.social
@hperrin@port87.social · Mar 27, 2026
#AI #code often includes references to non-existent dependencies. These references are commonly called “#hallucinations”. A new type of #attack has arisen that involves an attacker registering a package whose name is frequently hallucinated. When AI code containing this #hallucination is accepted, and this dependency is installed, the attacker can ship #malicious code into the project’s build, introducing a major #security vulnerability. This type of attack has become known as “#slopsquatting”.
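A defender-side check for the risk the post describes, as an added example that is not part of the original post: before anything is installed, it lists the dependency names a change introduces relative to the last reviewed manifest, so a person can confirm each one. The npm `package.json` format, the vetted list and every package name here are assumptions constructed for illustration.

```javascript
// Added example: flag dependency names a change introduces, before install.
const DEP_FIELDS = ["dependencies", "devDependencies", "optionalDependencies", "peerDependencies"];

// Collect every declared dependency name from a parsed package.json.
function declaredNames(manifest) {
  const names = new Set();
  for (const field of DEP_FIELDS) {
    for (const name of Object.keys(manifest[field] || {})) names.add(name);
  }
  return names;
}

// Levenshtein distance, used to point the reviewer at a likely intended package.
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const substitution = prev[j - 1] + (a[i - 1] === b[j - 1] ? 0 : 1);
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, substitution);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Names in the proposed manifest that are in neither the reviewed baseline
// nor the team's vetted list, each with its closest known name (if any).
function findUnvettedDependencies(baseline, proposed, vetted) {
  const known = new Set([...declaredNames(baseline), ...vetted]);
  const findings = [];
  for (const name of declaredNames(proposed)) {
    if (known.has(name)) continue;
    let closest = null;
    for (const candidate of known) {
      const distance = editDistance(name, candidate);
      if (distance <= 3 && (closest === null || distance < closest.distance)) {
        closest = { name: candidate, distance };
      }
    }
    findings.push({ name, closest });
  }
  return findings.sort((x, y) => (x.name < y.name ? -1 : 1));
}

// Constructed sample manifests (hypothetical package names).
const baseline = { dependencies: { "example-web-framework": "^4.0.0" } };
const proposed = { dependencies: { "example-web-framework": "^4.0.0", "example-http-retry-utils": "^1.0.0" },
                   devDependencies: { "example-web-framwork": "^1.0.0" } };
console.log(findUnvettedDependencies(baseline, proposed, ["example-test-runner"]));
```

A flagged name is not proof of a malicious package; it marks a dependency nobody on the team has reviewed yet, which is the point at which a hallucinated name would otherwise be installed.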