Monday, 13 July 2026 · World
USD/EUR 0.8768 USD/GBP 0.747 USD/JPY 161.9 USD/CNY 6.78 All rates →
RSS
EUROS The World Financial Report
LATEST
Deals & M&A

AI coding tools expose firms to new software supply chain risk

EUROS Newsroom · 10h ago · 2 min read
AI coding tools expose firms to new software supply chain risk

A surge in AI-assisted coding is inadvertently handing cybercriminals a new route into corporate systems through fabricated software packages.

Cybersecurity researchers have identified a new class of software supply chain attack, dubbed "slopsquatting," which exploits the tendency of artificial intelligence coding assistants to invent non-existent open-source packages. By registering these hallucinated package names and populating them with malware, threat actors can bypass traditional security barriers and inject malicious code directly into enterprise development workflows.

Unlike traditional typosquatting, which relies on misspelled versions of popular libraries, this method leverages plausible but entirely fictitious package names generated by large language models. Because these names are not simple typographical errors, existing registry protections fail to flag them. This allows malicious packages to sit undetected in production environments for months or even years.

The scale of this corporate vulnerability is expanding rapidly as AI adoption accelerates across the technology sector. Developers estimate that more than 40% of committed code now includes AI assistance, with 72% of users relying on these tools daily. Simultaneously, a recent analysis of over 31,000 vulnerabilities found that reported software flaws are growing at an annual rate of 98%, significantly outpacing the 25% growth in open-source packages.

Corporate exposure depends heavily on the specific AI models deployed. Proprietary systems hallucinate package names at significantly lower rates than open-source alternatives. In tests spanning 2.23 million generated packages, GPT-4.0 Turbo produced hallucinations 3.59% of the time, while DeepSeek 1B, the top-performing open-source model tested, hallucinated at a rate of 13.63%.

The threat is compounded by the predictability of these AI errors. Because language models generate statistically likely responses rather than verified facts, they consistently recommend the same fictitious packages. Studies show hallucination rates ranging from 50% to 82% across different models and prompting methods. Furthermore, attackers can actively manipulate this process through retrieval poisoning, forcing models to recommend specific malicious packages.

This disparity means organizations relying on open-source AI coding tools face a disproportionately higher risk of supply chain compromises. For corporate executives and investors, this represents a growing operational liability that can compromise intellectual property and customer data. Mitigating the threat requires security teams to implement automated checks that validate all AI-recommended package names against official registries before integration.