In reply to
Hunter Perrin
@hperrin@port87.social
I run SciActive, Inc. and Port87. Port87 Mail is email with powerful organization and anti-spam features, https://port87.com. I created Svelte Material UI, https://sveltematerialui.com. I created Nymph.js, https://nymph.io. I am an advocate for LGBTQ rights and leftist politics, https://twitch.tv/SylphWeed
port87.social
Mar 27, 2026
#AI #code often includes references to non-existent dependencies. These references are commonly called “#hallucinations”. A new type of #attack has arisen that involves an attacker registering a package whose name is frequently hallucinated. When AI code containing this #hallucination is accepted, and this dependency is installed, the attacker can ship #malicious code into the project’s build, introducing a major #security vulnerability. This type of attack has become known as “#slopsquatting”.
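A defender-side check for the risk described in the post above, added here as an example and not part of the original post: before installing, compare the declared dependencies against a vetted allowlist and block any name that is not on it, with a hint when the name is a near-miss of a vetted one. The allowlist, the sample requirements text and the two flagged package names are constructed for illustration.

```python
import re
from difflib import get_close_matches

# Constructed sample data: a vetted allowlist (for instance exported from a
# reviewed lockfile) and a requirements file after AI-written code was accepted.
VETTED = {"requests", "numpy", "python-dateutil", "cryptography"}
SAMPLE_REQUIREMENTS = """\
# constructed example
requests>=2.31
Python_Dateutil==2.9.0
numpy-utils-pro==1.0      # hypothetical hallucinated name
cryptografy[ssh]>=42      # hypothetical near-miss of a vetted name
-r other.txt
"""

NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]*")

def normalize(name):
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()

def declared_names(text):
    """Yield normalized package names from requirements-style text."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line or line.startswith("-"):  # skip blanks and pip options
            continue
        match = NAME_RE.match(line)
        if match:
            yield normalize(match.group(0))

def unvetted(text, vetted):
    """Map each name missing from the allowlist to its closest vetted name."""
    allowed = {normalize(v) for v in vetted}
    findings = {}
    for name in declared_names(text):
        if name not in allowed:
            close = get_close_matches(name, sorted(allowed), n=1, cutoff=0.8)
            findings[name] = close[0] if close else None
    return findings

if __name__ == "__main__":
    for name, near in unvetted(SAMPLE_REQUIREMENTS, VETTED).items():
        hint = f" (did you mean {near!r}?)" if near else ""
        print(f"BLOCK install: {name} is not a vetted dependency{hint}")
```

Run as a pre-install gate in CI, a non-empty result means a human has to confirm the package exists, is the intended one, and is added to the allowlist before the build proceeds.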