Adversaries exploit large language models (LLMs) to generate hallucinated web domains for legitimate brands, which are then registered to intercept traffic from AI systems. This 'phantom squatting' attack vector targets the software supply chain by leveraging AI-generated URLs in autonomous agents, developer workflows, and CI/CD pipelines. The article details real-world detections of malicious domains and phishing kits (e.g., 'Montana Empire') built using AI coding assistants.