LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.

Unit 42 found 250,000 unowned domains in 2.1M AI-generated links, with attackers already using the pattern for phishing.

LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.