Hackers can use 9 of the most popular AI tools to assemble massive botnets
Critical security vulnerability affecting multiple major AI developer tools that requires immediate attention from engineering teams using these platforms.
AI Summary
Security researchers have discovered a new type of injection attack called 'HalluSquatting' that exploits AI coding assistants' tendency to hallucinate resource identifiers, allowing attackers to create massive botnets by compromising popular AI tools including Cursor, GitHub Copilot, Gemini CLI, and others. The attack works by predicting which identifiers LLMs are most likely to hallucinate and seeding malicious code in those repositories. This represents the first scalable pull-based prompt injection attack capable of large-scale device infections.
Excerpt
"HalluSquatting" weaponizes LLMs' inability to say "I don't know."
