A technique called ‘HalluSquatting’ takes advantage of large language models’ tendency to confidently suggest nonexistent package names or domains, which attackers can then register and weaponize. Researchers found that nine of the most widely used AI tools are vulnerable to this method of botnet assembly. The attack vector highlights a systemic risk arising from AI models that lack reliable mechanisms for expressing uncertainty.

Read more at Ars Technica →