AI-Enabled Coding Assistants Exploited via Slopsquatting
Summary
Threat actors are exploiting AI-enabled coding assistants by targeting the software libraries these tools hallucinate. The assistants, which 97% of developers use, recommend non-existent packages. Attackers register malicious packages under those hallucinated names, an attack known as 'slopsquatting'. For example, a malicious package, 'ccxt-mexc-futures', was downloaded over 1,000 times on PyPI and modified cryptocurrency trading operations. This highlights the growing third-party risk in software supply chains and the need for proactive security measures. The evolution of third-party risk, from open-source vulnerabilities like Log4Shell to AI-assisted coding threats, underscores the importance of visibility and proactive security practices in software development.
Timeline
- 16.12.2025 20:00 · 1 article
Slopsquatting Attacks Exploit AI-Enabled Coding Assistants
Threat actors are now targeting AI-enabled coding assistants by exploiting their tendency to hallucinate non-existent software libraries. Attackers register packages containing malicious code under these hallucinated names, an attack known as 'slopsquatting'. For instance, a malicious package, 'ccxt-mexc-futures', was downloaded over 1,000 times on PyPI and modified cryptocurrency trading operations. This highlights the growing risks associated with AI-assisted coding and the need for enhanced security measures in software development.
Sources:
- From Open Source to OpenAI: The Evolution of Third-Party Risk — www.securityweek.com — 16.12.2025 20:00
Information Snippets
- 97% of developers have used AI tools in the past year, according to GitHub.
  First reported: 16.12.2025 20:00 (1 source, 1 article)
- 19% of all software packages recommended by leading code-generation tools do not exist.
  First reported: 16.12.2025 20:00 (1 source, 1 article)
- 43% of hallucinated software packages are repeated every time by AI coding assistants.
  First reported: 16.12.2025 20:00 (1 source, 1 article)
- A malicious software package 'ccxt-mexc-futures' was registered and downloaded over 1,000 times on PyPI.
  First reported: 16.12.2025 20:00 (1 source, 1 article)
- The SolarWinds breach in 2020 compromised 18,000 customers, enabling access to high-value targets including U.S. federal agencies.
  First reported: 16.12.2025 20:00 (1 source, 1 article)
- Log4Shell, a Log4j vulnerability, affected hundreds of millions of applications and devices, causing a major supply chain security crisis.
  First reported: 16.12.2025 20:00 (1 source, 1 article)