In this article, I will examine an emerging security problem in AI-assisted development: slopsquatting, a supply-chain attack that exploits hallucinated software package names generated by large language models.As developers increasingly rely on AI coding assistants to accelerate development, hallucinated dependencies can slip into real projects. Attackers can register those phantom package names in public registries and distribute malicious code through them.