Zero Day MonitorZDM
DashboardVulnerabilitiesTrendingZero-DaysNewsAbout
Login
ImpressumPrivacy Policy
Zero Day Monitor © 2026
3425 articles · 169473 vulns · 36/41 feeds (7d)
← Back to list
EST
PRE-CVEEXPLOITED

Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector

60% confidence

Description

Adversaries exploit large language models (LLMs) to generate hallucinated web domains for legitimate brands, which are then registered to intercept traffic from AI systems. This 'phantom squatting' attack vector targets the software supply chain by leveraging AI-generated URLs in autonomous agents, developer workflows, and CI/CD pipelines. The article details real-world detections of malicious domains and phishing kits (e.g., 'Montana Empire') built using AI coding assistants.

Related News (1 articles)

Tier C
Palo Alto Unit 424h ago
Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector
→ No new info (linked only)
CISA KEV❌ No
Actively exploited✅ Yes
PublishedJul 1, 2026
Last enriched3h ago
Tags
aisupply chainllmphishingdomain squatting
Trending Score40
Source articles1
Independent1
Info Completeness3/14
Missing: cve_id, vendor, product, versions, cvss, epss, cwe, kev, patch, iocs, mitre_attack

Community Vote

0
Login to vote
0 upvotes0 downvotes
No votes yet

Pin to Dashboard

Verification

State: reported
Confidence: 60%

Vulnerability Timeline

CVE Published
Jul 1, 2026
Actively Exploited
Jul 1, 2026
Exploit Available
Jul 1, 2026
Discovered by ZDM
Jul 1, 2026