Slopsquatting
Slopsquatting is a type of cybersquatting. It is the practice of registering a non-existent software package name that a large language model (LLM) may Hallucination (artificial intelligence), hallucinate in its output, whereby someone unknowingly may copy-paste and install the software package without realizing it is fake. Attempting to install a non-existent package should result in an error, but some have exploited this for their gain in the form of typosquatting. The name is a portmanteau of "AI slop, slop" and "typosquatting". History In 2023, security researcher Bar Lanyado noted that LLMs hallucinated a package named "huggingface-cli". While this name is identical to the command used for the command-line version of HuggingFace Hub, it is not the name of the package. The software is correctly installed with the code . Lanyado tested the potential for slopsquatting by uploading an empty package under this hallucinated name. In three months, it had received over 30,000 downl ...
[...More Info...]       [...Related Items...]     OR:     [Wikipedia]   [Google]   [Baidu]