LLMs hallucinate fabricated domains belonging to established brands, which attackers then register for supply-chain attacks—a hard-to-detect security risk in AI-powered development and research workflows.
Large language models regularly hallucinate non-existent web addresses that attackers preemptively register and abuse with phishing pages; Palo Alto Networks Unit 42 documents the “Phantom Squatting” phenomenon for the first time in practice.