LLMs can’t stop making up software dependencies and sabotaging everything

#### [AI + ML](/software/ai_ml/)**23** LLMs can’t stop making up software dependencies and sabotaging everything=========================================================================**23** Hallucinated package names fuel ‘slopsquatting’———————————————–[Thomas Claburn](/Author/Thomas-Claburn ‘Read more by this author’) Sat 12 Apr 2025 // 11:14 UTC [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything) [](https://twitter.com/intent/tweet?text=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&summary=Hallucinated%20package%20names%20fuel%20%27slopsquatting%27) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) The rise of LLM-powered code generation tools is reshaping how developers write software – and introducing new risks to the software supply chain in the process.These AI coding assistants, like large language models in general, have a habit of hallucinating. They suggest code that incorporates software packages that don’t exist.As we noted [in March](https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/) and [September](https://www.theregister.com/2024/09/30/ai_code_helpers_invent_packages/) last year, security and academic researchers have found that AI code assistants invent package names. In a recent study, researchers found that about 5.2 percent of package suggestions from commercial models didn’t exist, compared to 21.7 percent from open source models. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_software/aiml&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z_q4Zx0z6V-sXEcJeX4mqQAAAgY&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0)Running that code should result in an error when importing a non-existent package. But miscreants have realized that they can hijack the hallucination for their own benefit. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_software/aiml&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z_q4Zx0z6V-sXEcJeX4mqQAAAgY&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0) ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_software/aiml&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=3&c=33Z_q4Zx0z6V-sXEcJeX4mqQAAAgY&t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dmid%26test%3D0)All that’s required is to create a malicious software package under a hallucinated package name and then upload the bad package to a package registry or index like PyPI or npm for distribution. Thereafter, when an AI code assistant re-hallucinates the co-opted name, the process of installing dependencies and executing the code will run the malware.The recurrence appears to follow a bimodal pattern – some hallucinated names show up repeatedly when prompts are re-run, while others vanish entirely – suggesting certain prompts reliably produce the same phantom packages. ![](https://pubads.g.doubleclick.net/gampad/ad?co=1&iu=/6978/reg_software/aiml&sz=300×50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z_q4Zx0z6V-sXEcJeX4mqQAAAgY&t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0)As [noted](https://socket.dev/blog/slopsquatting-how-ai-hallucinations-are-fueling-a-new-class-of-supply-chain-attacks) by security firm Socket recently, the academic researchers who explored the subject last year found that re-running the same hallucination-triggering prompt ten times resulted in 43 percent of hallucinated packages being repeated every time and 39 percent never reappearing.Exploiting hallucinated package names represents a form of [typosquatting](https://capec.mitre.org/data/definitions/630.html), where variations or misspellings of common terms are used to dupe people. Seth Michael Larson, security developer-in-residence at the Python Software Foundation, has dubbed it ‘slopsquatting’ — ‘slop’ being a common pejorative for AI model output.’We’re in the very early days looking at this problem from an ecosystem level,’ Larson told *The Register*. ‘It’s difficult, and likely impossible, to quantify how many attempted installs are happening because of LLM hallucinations without more transparency from LLM providers. Users of LLM generated code, packages, and information should be double-checking LLM outputs against reality before putting any of that information into operation, otherwise there can be real-world consequences.’Larson said that there are many reasons a developer might attempt to install a package that doesn’t exist, including mistyping the package name, incorrectly installing internal packages without checking to see whether those names already exist in a public index (dependency confusion), differences in the package name and the module name, and so on.’We’re seeing a real shift in how developers write code,’ Feross Aboukhadijeh, CEO of security firm Socket, told *The Register* . ‘With AI tools becoming the default assistant for many, ‘[vibe coding](https://x.com/karpathy/status/1886192184808149383)’ is happening constantly. Developers prompt the AI, copy the suggestion, and move on. Or worse, the AI agent just goes ahead and installs the recommended packages itself.> The problem is, these code suggestions often include hallucinated package names that sound real but don’t exist’The problem is, these code suggestions often include hallucinated package names that sound real but don’t exist. I’ve seen this firsthand. You paste it into your terminal and the install fails — or worse, it doesn’t fail, because someone has slop-squatted that exact package name.’Aboukhadijeh said these fake packages can look very convincing.’When we investigate, we sometimes find realistic looking READMEs, fake GitHub repos, even sketchy blogs that make the package seem authentic,’ he said, adding that Socket’s security scans will catch these packages because they analyze the way the code works.> What a world we live in: AI hallucinated packages are validated and rubber-stamped by another AI that is too eager to be helpful’Even worse, when you Google one of these slop-squatted package names, you’ll often get an AI-generated summary from Google itself confidently praising the package, saying it’s useful, stable, well-maintained. But it’s just parroting the package’s own README, no skepticism, no context. To a developer in a rush, it gives a false sense of legitimacy.’What a world we live in: AI hallucinated packages are validated and rubber-stamped by another AI that is too eager to be helpful.’Aboukhadijeh pointed to [an incident in January](https://socket.dev/blog/gmail-for-exfiltration-malicious-npm-packages-target-solana-private-keys-and-drain-victim-s) in which Google’s AI Overview, which responds to search queries with AI-generated text, suggested a malicious npm package @async-mutex/mutex, which was typosquatting the legitimate package async-mutex.He also noted that recently a threat actor using the name ‘_Iain’ published a playbook on a dark web forum detailing how to build a blockchain-based botnet using malicious npm packages.Aboukhadijeh explained that _Iain ‘automated the creation of thousands of typo-squatted packages (many targeting crypto libraries) and even used ChatGPT to generate realistic-sounding variants of real package names at scale. He shared video tutorials walking others through the process, from publishing the packages to executing payloads on infected machines via a GUI. It’s a clear example of how attackers are weaponizing AI to accelerate software supply chain attacks.’* [GitHub supply chain attack spills secrets from 23,000 projects](https://www.theregister.com/2025/03/17/supply_chain_attack_github/)* [North Koreans clone open source projects to plant backdoors, steal credentials](https://www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/)* [Snyk appears to deploy ‘malicious’ packages targeting Cursor for unknown reason](https://www.theregister.com/2025/01/14/snyk_npm_deployment_removed/)* [Ongoing typosquatting campaign impersonates hundreds of popular npm packages](https://www.theregister.com/2024/11/05/typosquatting_npm_campaign/)Larson said the Python Software Foundation is working constantly to make package abuse more difficult, adding such work takes time and resources.’Alpha-Omega has sponsored the work of Mike Fiedler, our PyPI Safety -& Security Engineer, to work on reducing the risks of malware on PyPI such as by implementing an programmatic API to report malware, partnering with existing malware reporting teams, and implementing better detections for typo-squatting of top projects,’ he said.’Users of PyPI and package managers in general should be checking that the package they are installing is an existing well-known package, that there are no typos in the name, and that the content of the package has been reviewed before installation. Even better, organizations can mirror a subset of PyPI within their own organizations to have much more control over which packages are available for developers.’ ® [Sponsored: Don’t let cyberattacks keep you down](https://go.theregister.com/tl/3147/shttps://www.theregister.com/2025/04/02/dont_let_cyberattacks_keep_you/) Share [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything) [](https://twitter.com/intent/tweet?text=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&summary=Hallucinated%20package%20names%20fuel%20%27slopsquatting%27) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) #### More about* [AI](/Tag/AI/)* [Government](/Tag/Government/)* [Security](/Tag/Security/) More like these × ### More about* [AI](/Tag/AI/)* [Government](/Tag/Government/)* [Security](/Tag/Security/)* [Software](/Tag/Software/)* [Supply Chain](/Tag/Supply%20Chain/) ### Narrower topics* [2FA](/Tag/2FA/)* [AdBlock Plus](/Tag/AdBlock%20Plus/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [App](/Tag/App/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Audacity](/Tag/Audacity/Audio%20Editor/ ‘Disambiguation: Audio Editor’)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Confluence](/Tag/Confluence/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Database](/Tag/Database/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DeepSeek](/Tag/DeepSeek/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Federal government of the United States](/Tag/Federal%20government%20of%20the%20United%20States/)* [Firewall](/Tag/Firewall/)* [FOSDEM](/Tag/FOSDEM/)* [FOSS](/Tag/FOSS/)* [Gemini](/Tag/Gemini/)* [Google AI](/Tag/Google%20AI/)* [Government of the United Kingdom](/Tag/Government%20of%20the%20United%20Kingdom/)* [GPT-3](/Tag/GPT-3/)* [GPT-4](/Tag/GPT-4/)* [Grab](/Tag/Grab/)* [Graphics Interchange Format](/Tag/Graphics%20Interchange%20Format/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [IDE](/Tag/IDE/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Insider Trading](/Tag/Insider%20Trading/)* [Jenkins](/Tag/Jenkins/)* [Kenna Security](/Tag/Kenna%20Security/)* [Large Language Model](/Tag/Large%20Language%20Model/)* [Legacy Technology](/Tag/Legacy%20Technology/)* [LibreOffice](/Tag/LibreOffice/)* [Machine Learning](/Tag/Machine%20Learning/)* [Map](/Tag/Map/)* [MCubed](/Tag/MCubed/)* [Microsoft 365](/Tag/Microsoft%20365/)* [Microsoft Office](/Tag/Microsoft%20Office/)* [Microsoft Teams](/Tag/Microsoft%20Teams/)* [Mobile Device Management](/Tag/Mobile%20Device%20Management/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Neural Networks](/Tag/Neural%20Networks/)* [NLP](/Tag/NLP/)* [OpenOffice](/Tag/OpenOffice/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Programming Language](/Tag/Programming%20Language/)* [QR code](/Tag/QR%20code/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [Retro computing](/Tag/Retro%20computing/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Search Engine](/Tag/Search%20Engine/)* [Software bug](/Tag/Software%20bug/)* [Software License](/Tag/Software%20License/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Star Wars](/Tag/Star%20Wars/)* [Supply Chain Security Week](/Tag/Supply%20Chain%20Security%20Week/)* [Surveillance](/Tag/Surveillance/)* [Tensor Processing Unit](/Tag/Tensor%20Processing%20Unit/)* [Text Editor](/Tag/Text%20Editor/)* [TLS](/Tag/TLS/)* [TOPS](/Tag/TOPS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [User interface](/Tag/User%20interface/)* [Visual Studio](/Tag/Visual%20Studio/)* [Visual Studio Code](/Tag/Visual%20Studio%20Code/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [WebAssembly](/Tag/WebAssembly/)* [Web Browser](/Tag/Web%20Browser/)* [WordPress](/Tag/WordPress/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Sector](/Tag/Sector/)* [Self-driving Car](/Tag/Self-driving%20Car/) #### More aboutShare [](https://www.reddit.com/submit?url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dreddit&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything) [](https://twitter.com/intent/tweet?text=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dtwitter&via=theregister) [](https://www.facebook.com/dialog/feed?app_id=1404095453459035&display=popup&link=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dfacebook) [](https://www.linkedin.com/shareArticle?mini=true&url=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dlinkedin&title=LLMs%20can%27t%20stop%20making%20up%20software%20dependencies%20and%20sabotaging%20everything&summary=Hallucinated%20package%20names%20fuel%20%27slopsquatting%27) [](https://api.whatsapp.com/send?text=https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/%3futm_medium%3dshare%26utm_content%3darticle%26utm_source%3dwhatsapp) **23** COMMENTS #### More about* [AI](/Tag/AI/)* [Government](/Tag/Government/)* [Security](/Tag/Security/) More like these × ### More about* [AI](/Tag/AI/)* [Government](/Tag/Government/)* [Security](/Tag/Security/)* [Software](/Tag/Software/)* [Supply Chain](/Tag/Supply%20Chain/) ### Narrower topics* [2FA](/Tag/2FA/)* [AdBlock Plus](/Tag/AdBlock%20Plus/)* [Advanced persistent threat](/Tag/Advanced%20persistent%20threat/)* [App](/Tag/App/)* [Application Delivery Controller](/Tag/Application%20Delivery%20Controller/)* [Audacity](/Tag/Audacity/Audio%20Editor/ ‘Disambiguation: Audio Editor’)* [Authentication](/Tag/Authentication/)* [BEC](/Tag/BEC/)* [Black Hat](/Tag/Black%20Hat/)* [BSides](/Tag/BSides/)* [Bug Bounty](/Tag/Bug%20Bounty/)* [CHERI](/Tag/CHERI/)* [CISO](/Tag/CISO/)* [Common Vulnerability Scoring System](/Tag/Common%20Vulnerability%20Scoring%20System/)* [Confluence](/Tag/Confluence/)* [Cybercrime](/Tag/Cybercrime/)* [Cybersecurity](/Tag/Cybersecurity/)* [Cybersecurity and Infrastructure Security Agency](/Tag/Cybersecurity%20and%20Infrastructure%20Security%20Agency/)* [Cybersecurity Information Sharing Act](/Tag/Cybersecurity%20Information%20Sharing%20Act/)* [Database](/Tag/Database/)* [Data Breach](/Tag/Data%20Breach/)* [Data Protection](/Tag/Data%20Protection/)* [Data Theft](/Tag/Data%20Theft/)* [DDoS](/Tag/DDoS/)* [DeepSeek](/Tag/DeepSeek/)* [DEF CON](/Tag/DEF%20CON/)* [Digital certificate](/Tag/Digital%20certificate/)* [Encryption](/Tag/Encryption/)* [Exploit](/Tag/Exploit/)* [Federal government of the United States](/Tag/Federal%20government%20of%20the%20United%20States/)* [Firewall](/Tag/Firewall/)* [FOSDEM](/Tag/FOSDEM/)* [FOSS](/Tag/FOSS/)* [Gemini](/Tag/Gemini/)* [Google AI](/Tag/Google%20AI/)* [Government of the United Kingdom](/Tag/Government%20of%20the%20United%20Kingdom/)* [GPT-3](/Tag/GPT-3/)* [GPT-4](/Tag/GPT-4/)* [Grab](/Tag/Grab/)* [Graphics Interchange Format](/Tag/Graphics%20Interchange%20Format/)* [Hacker](/Tag/Hacker/)* [Hacking](/Tag/Hacking/)* [Hacktivism](/Tag/Hacktivism/)* [IDE](/Tag/IDE/)* [Identity Theft](/Tag/Identity%20Theft/)* [Incident response](/Tag/Incident%20response/)* [Infosec](/Tag/Infosec/)* [Infrastructure Security](/Tag/Infrastructure%20Security/)* [Insider Trading](/Tag/Insider%20Trading/)* [Jenkins](/Tag/Jenkins/)* [Kenna Security](/Tag/Kenna%20Security/)* [Large Language Model](/Tag/Large%20Language%20Model/)* [Legacy Technology](/Tag/Legacy%20Technology/)* [LibreOffice](/Tag/LibreOffice/)* [Machine Learning](/Tag/Machine%20Learning/)* [Map](/Tag/Map/)* [MCubed](/Tag/MCubed/)* [Microsoft 365](/Tag/Microsoft%20365/)* [Microsoft Office](/Tag/Microsoft%20Office/)* [Microsoft Teams](/Tag/Microsoft%20Teams/)* [Mobile Device Management](/Tag/Mobile%20Device%20Management/)* [NCSAM](/Tag/NCSAM/)* [NCSC](/Tag/NCSC/)* [Neural Networks](/Tag/Neural%20Networks/)* [NLP](/Tag/NLP/)* [OpenOffice](/Tag/OpenOffice/)* [Palo Alto Networks](/Tag/Palo%20Alto%20Networks/)* [Password](/Tag/Password/)* [Phishing](/Tag/Phishing/)* [Programming Language](/Tag/Programming%20Language/)* [QR code](/Tag/QR%20code/)* [Quantum key distribution](/Tag/Quantum%20key%20distribution/)* [Ransomware](/Tag/Ransomware/)* [Remote Access Trojan](/Tag/Remote%20Access%20Trojan/)* [Retro computing](/Tag/Retro%20computing/)* [REvil](/Tag/REvil/)* [RSA Conference](/Tag/RSA%20Conference/)* [Search Engine](/Tag/Search%20Engine/)* [Software bug](/Tag/Software%20bug/)* [Software License](/Tag/Software%20License/)* [Spamming](/Tag/Spamming/)* [Spyware](/Tag/Spyware/)* [Star Wars](/Tag/Star%20Wars/)* [Supply Chain Security Week](/Tag/Supply%20Chain%20Security%20Week/)* [Surveillance](/Tag/Surveillance/)* [Tensor Processing Unit](/Tag/Tensor%20Processing%20Unit/)* [Text Editor](/Tag/Text%20Editor/)* [TLS](/Tag/TLS/)* [TOPS](/Tag/TOPS/)* [Trojan](/Tag/Trojan/)* [Trusted Platform Module](/Tag/Trusted%20Platform%20Module/)* [User interface](/Tag/User%20interface/)* [Visual Studio](/Tag/Visual%20Studio/)* [Visual Studio Code](/Tag/Visual%20Studio%20Code/)* [Vulnerability](/Tag/Vulnerability/)* [Wannacry](/Tag/Wannacry/)* [WebAssembly](/Tag/WebAssembly/)* [Web Browser](/Tag/Web%20Browser/)* [WordPress](/Tag/WordPress/)* [Zero trust](/Tag/Zero%20trust/) ### Broader topics* [Sector](/Tag/Sector/)* [Self-driving Car](/Tag/Self-driving%20Car/) #### TIP US OFF[Send us news](https://www.theregister.com/Profile/contact/)[#### AI entrepreneur sent avatar to argue in court — and the judge shut it down fastInterview We hear from court-scolded Jerome Dewald, who insists lawyer-bots have a futureAI + ML4 days -| 27](/2025/04/09/court_scolds_ai_entrepreneur_avatar_testify/?td=keepreading) [#### AI agents swarm Microsoft Security CopilotLooking to sort through large volumes of security info? Redmond has your backendSecurity19 days -| 13](/2025/03/24/microsoft_security_copilot_agents/?td=keepreading) [#### Writing for humans? Perhaps in future we’ll write specifically for AI — and be paid for itInterview ‘There needs to be a better economic as well as copyright framework’, Thomson Reuters CPO tells usAI + ML11 days -| 21](/2025/04/01/interview_with_david_wong/?td=keepreading) [#### Data deluge pushes financial services deeper into AIHarnessing AI to optimize applications and services is crucial but building the infrastructure is equally importantSponsored Feature](/2025/03/11/data_deluge_pushes_financial_services/?td=keepreading) [#### Apps-from-prompts Firebase Studio is a great example — of why AI can’t replace devsCloud Next Big G reckons this agentic IDE speeds up or simplifies coding. Developers who’ve used it aren’t so sureAI + ML2 days -| 16](/2025/04/11/firebase_studio_promises_app_prototypes/?td=keepreading) [#### Procter -& Gamble study finds AI could help make Pringles tastier, spice up Old Spice, sharpen GilletteGo on, then, knock yourself out, palAI + ML4 days -| 42](/2025/04/08/procter_gamble_finds_ai_improves_teamwork/?td=keepreading) [#### Too many software supply chain defense bibles? Boffins distill adviceHow to avoid another SolarWinds, Log4j, and XZ Utils situationSecurity23 days -| 10](/2025/03/20/software_supply_chain_defense/?td=keepreading) [#### For flux sake: CISA, annexable allies warn of hot DNS threatShape shifting technique described as menace to national securityCSO9 days -| 5](/2025/04/03/cisa_and_annexable_allies_warn/?td=keepreading) [#### Google’s got a hot cloud infosec startup, a new unified platform — and its eye on Microsoft’s $20B+ security bizCloud Next How Chocolate Factory hopes to double down on enterprise-secCSO3 days -| 7](/2025/04/09/google_enterprise_security_ambitions/?td=keepreading) [#### Founder of facial-rec controversy biz Clearview AI booted from boardFrom wanting to weed out far-Left, anti-Trump migrants to amassing a huge database of internet photosAI + ML3 days -| 6](/2025/04/09/clearview_founder_exceo_ousted/?td=keepreading) [#### Billions pour into AI as emissions rise, returns stay pitiful, say Stanford boffinsModels get bulkier, burnier, bank-breakierAI + ML1 day -| 10](/2025/04/11/stanford_ai_report/?td=keepreading) [#### Generative AI app goes dark after child-like deepfakes found in open S3 bucketProducing this stuff is bad enough, but d’ya really have to leave all of it on the web for anyone to find?AI + ML12 days -| 13](/2025/04/01/nudify_website_open_database/?td=keepreading)

Related Tags:
NAICS: 541 – Professional

Scientific

Technical Services

NAICS: 52 – Finance And Insurance

NAICS: 518 – Computing Infrastructure Providers

Data Processing

Web Hosting

Related Services

NAICS: 92 – Public Administration

NAICS: 523 – Securities

Commodity Contracts

Other Financial Investments And Related Activities

NAICS: 51 – Information

NAICS: 928 – National Security And International Affairs

Sodinokibi

REvil

Associated Indicators:

Threat Intel Solutions

Search

Popular Posts

Introducing ToyMaker

Mapping The Cyber Kill Chain Using Correlated Security Logs And Timeline Tools

Detecting Malicious JavaScript Using Behavior Analysis And Network Traces

Categories

Archives

Tags

Follow Us