New HalluSquatting Attack Tricks AI Coding Assistants Into Installing Malware
Cybersecurity researchers have discovered a new attack technique called HalluSquatting that exploits AI coding assistants by abusing their tendency to hallucinate non-existent repositories and software resources. Attackers register these fake resources in advance, allowing AI tools to unknowingly retrieve malicious code instead of legitimate packages.


Once the malicious resource is accessed, it can inject attacker-controlled instructions, enabling remote code execution, malware installation, and even botnet deployment. Researchers found that hallucination rates were alarmingly high across several AI coding platforms, increasing the potential impact of the attack.
The study highlights growing supply chain risks in AI-powered development tools and urges vendors to strengthen resource validation and verification mechanisms. Developers are also advised to review AI-generated recommendations before installing repositories, packages, or plugins.
NPAV Endpoint Security, help detect fileless malware, block malicious scripts, and protect users from credential-stealing attacks delivered through fake software downloads.