A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the security risks of hallucinated dependencies.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

North Korean APT group Famous Chollima has been running a supply-chain campaign called PromptMink, crafting malicious npm and PyPI packages with LLM-optimized README files designed to trick AI coding agents into selecting them as dependencies. Evidence shows Claude Opus co-authored a commit adding one of the malicious packages to a real project. A separate threat called 'slopsquatting' exploits AI hallucinated package names — a researcher registered a hallucinated npm package and found it downloaded from 237 repositories. Security agencies now recommend organizations maintain trusted component registries, restrict agents to allow-listed packages, and require human approval before dependency installation.

Supply-chain attacks take aim at your AI coding agents