1b:[["$","script",null,{"type":"application/ld+json","dangerouslySetInnerHTML":{"__html":"{\"@context\":\"https://schema.org\",\"@type\":\"Article\",\"headline\":\"What is Slopsquatting\",\"description\":\"Slopsquatting is a software supply-chain attack where malicious actors register non-existent package names that large language models (LLMs) frequently hallucinate. \",\"author\":{\"@type\":\"Person\",\"name\":\"SMK\"},\"datePublished\":\"2026-06-09T18:49:14.534Z\",\"dateModified\":\"2026-06-09T18:49:14.535Z\",\"publisher\":{\"@type\":\"Organization\",\"name\":\"TRONLAB\",\"url\":\"https://tronlab.in\"},\"image\":\"https://miro.medium.com/v2/da:true/resize:fit:800/0*U_DlbHYlNz5xyNVf\"}"}}],["$","article",null,{"className":"mx-auto max-w-3xl px-6 py-12 lg:px-12","children":[["$","header",null,{"className":"mb-10","children":[null,["$","h1",null,{"className":"text-display-tertiary text-primary","children":"What is Slopsquatting"}],["$","div",null,{"className":"mt-4 flex items-center gap-3 font-mono text-[11px] uppercase tracking-[1.1px] text-secondary","children":[["$","span",null,{"children":"SMK"}],["$","span",null,{"className":"text-accent-mint","children":"·"}],["$","span",null,{"children":"9 June 2026"}]]}]]}],["$","figure",null,{"className":"mb-10","children":[["$","div",null,{"className":"aspect-video overflow-hidden rounded-[20px] border border-border-subtle","children":["$","$L24",null,{"src":"https://miro.medium.com/v2/da:true/resize:fit:800/0*U_DlbHYlNz5xyNVf","alt":"What is Slopsquatting","width":1200,"height":675,"className":"h-full w-full object-cover","priority":true,"unoptimized":true}]}],null]}],["$","div",null,{"className":"prose prose-invert max-w-none prose-headings:font-sans prose-headings:font-bold prose-headings:text-primary prose-p:text-muted prose-p:leading-relaxed prose-a:text-accent-mint prose-a:no-underline hover:prose-a:text-link-hover prose-strong:text-primary prose-code:rounded-[2px] prose-code:bg-surface-secondary prose-code:px-1.5 prose-code:py-0.5 prose-code:font-mono prose-code:text-accent-mint","dangerouslySetInnerHTML":{"__html":"

Slopsquatting is a software supply-chain attack where malicious actors register non-existent package names that large language models (LLMs) frequently hallucinate. When developers blindly copy and paste AI-generated code or installation commands, they inadvertently download and execute malware from repositories like PyPI or npm.

"}}],["$","$L25",null,{"triggerPercent":40,"badgeType":"blog_reader","badgeName":"Blog Geek","badgeIcon":"📖","message":"You're a serious reader! You've made it deep into this article.","page":"/blog/what-is-slopsquatting"}]]}]]