Thread: The A.I. Thread
04-12-2025, 09:35 AM   #644
Fuzz

Quote:
AI coding assistants, like large language models in general, have a habit of hallucinating. They suggest code that incorporates software packages that don't exist.

As we noted in March and September last year, security and academic researchers have found that AI code assistants invent package names. In a recent study, researchers found that about 5.2 percent of package suggestions from commercial models didn't exist, compared to 21.7 percent from open source models.
Quote:
"The problem is, these code suggestions often include hallucinated package names that sound real but don’t exist. I’ve seen this firsthand. You paste it into your terminal and the install fails – or worse, it doesn’t fail, because someone has slop-squatted that exact package name."

Aboukhadijeh said these fake packages can look very convincing.

"When we investigate, we sometimes find realistic looking READMEs, fake GitHub repos, even sketchy blogs that make the package seem authentic," he said, adding that Socket's security scans will catch these packages because they analyze the way the code works.

"Even worse, when you Google one of these slop-squatted package names, you’ll often get an AI-generated summary from Google itself confidently praising the package, saying it’s useful, stable, well-maintained. But it’s just parroting the package’s own README, no skepticism, no context. To a developer in a rush, it gives a false sense of legitimacy.

"What a world we live in: AI hallucinated packages are validated and rubber-stamped by another AI that is too eager to be helpful."
https://www.theregister.com/2025/04/..._supply_chain/

AI is just way too easy to poison. You put the fake stuff out there, and it doesn't validate anything it gathers. Inexperienced coders happily assemble their product, unaware the dependency they used could be poisoning their databases, harvesting user info, installing any type of malware, and anything else you could dream up.
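
The failure mode described in the quoted article is that installing a hallucinated name succeeds once someone has registered it, so a clean install proves nothing about the package. As an added example (not from this post or the article), the Python check below blocks any suggested requirement that is not on a team-reviewed allowlist; the allowlist, the sample requirements text and the name `flask-auth-helperz` are constructed for illustration.

```python
import re

# Constructed allowlist: names a team has already reviewed and pinned (assumption).
VETTED = {"requests", "numpy", "flask", "python-dateutil"}

# Constructed sample of an assistant-suggested requirements file.
SUGGESTED = """\
requests==2.32.3
Python_Dateutil>=2.9   # same project as python-dateutil after normalization
flask-auth-helperz     # constructed name standing in for a hallucinated package
numpy
-r other.txt
"""

def normalize(name):
    """PEP 503 normalization: case-insensitive, runs of -, _ and . are equivalent."""
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_names(text):
    """Yield (line_no, project_name) per requirement line; skip comments and options."""
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if m:
            yield no, m.group(0)

def gate(text, vetted=VETTED):
    """Split suggested requirements into (allowed, blocked) by the vetted set.

    A name that merely resolves on the public index is not treated as safe:
    a squatted name installs without error, so only prior review counts.
    """
    vetted_norm = {normalize(v) for v in vetted}
    allowed, blocked = [], []
    for no, name in parse_names(text):
        (allowed if normalize(name) in vetted_norm else blocked).append((no, name))
    return allowed, blocked

if __name__ == "__main__":
    ok, bad = gate(SUGGESTED)
    for no, name in bad:
        print(f"line {no}: '{name}' is not on the vetted list; review before installing")
    raise SystemExit(1 if bad else 0)
```

Run as a pre-install step, the non-zero exit status stops the pipeline before anything is fetched from the public index.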