Typosquatting & Slopsquatting: Detecting and defending against malicious packages
Attackers are exploiting typos and AI-generated code to slip malicious packages into software ecosystems. Learn how typosquatting and slopsquatting attacks work, why AI is accelerating them, and the practical steps to detect, prevent, and secure your supply chain.
Things you'll learn
- What typosquatting and slopsquatting are - and how they differ from more familiar supply-chain threats
- How the explosion of AI-generated code is accelerating these risks and increasing exposure to malicious packages
- Practical ways to identify and investigate suspicious or lookalike packages
- What to do when you find a malicious package: response steps and mitigation tactics
- Proven strategies to strengthen registry hygiene and prevent future incidents
Summary
As software ecosystems expand, attackers are exploiting the smallest cracks - from a single typo to a reused name - to sneak in malicious packages. The rise of AI-generated code has amplified this problem. Automated code suggestions, dependency management, and code-completion tools can unintentionally introduce lookalike or compromised packages into projects. These lookalikes are easy to miss and can bypass traditional security checks, creating serious downstream risk.
This session combines real-world examples with practical advice on how to detect, respond to, and prevent squatting attacks in a world where AI-driven development is changing how code is written, shared, and reused. You’ll leave with a clearer understanding of how these threats operate, a simple framework for detection and response, and actionable steps to make your package ecosystem more resilient.
From naming hygiene to automation strategies, this session will help your teams stay one step ahead of the next squatting campaign, whether it is targeting human developers or being propagated by AI-generated code, and keep your software supply chain secure.