Risk actors have been probing misconfigured proxy servers that might present them with entry to LLM APIs, risk intelligence agency GreyNoise experiences.
Between October 2025 and January 2026, the corporate’s honeypots captured over 91,000 assault periods, together with assaults related to two campaigns.
The primary began in October and relied on ProjectDiscovery’s OAST (Out-of-band Software Safety Testing) infrastructure to use server-side request forgery (SSRF) vulnerabilities.
The marketing campaign spiked over Christmas and a lot of the assaults had the identical signature, suggesting automated tooling.
Primarily based on the noticed VPS-based assault infrastructure, GreyNoise believes that the marketing campaign was carried out by safety researchers or bug hunters, however doesn’t exclude the potential of a grey-hat operation.
The second marketing campaign began on December 28 and concerned 80,469 assault periods over an 11-day interval. The attackers had been probing greater than 70 LLM mannequin endpoints, on the lookout for misconfigurations that might leak entry to industrial APIs, GreyNoise explains.Commercial. Scroll to proceed studying.
The assaults carried out reconnaissance in opposition to fashions from OpenAI (GPT-4o and variants), Anthropic (Claude Sonnet, Opus, Haiku), Meta (Llama 3.x), DeepSeek (DeepSeek-R1), Google (Gemini), Mistral, Alibaba (Qwen), and xAI (Grok).
“Take a look at queries stayed intentionally innocuous with the probably aim to fingerprint which mannequin truly responds with out triggering safety alerts,” GreyNoise notes.
The assaults originated from two IP addresses related to the exploitation of greater than 200 vulnerabilities, together with CVE-2025-55182 (React2Shell) and CVE-2023-1389, a command injection bug in TP-Hyperlink Archer AX21 routers.
Based on GreyNoise, the marketing campaign is probably going mounted by a risk actor conducting reconnaissance to construct a goal listing in preparation for a bigger exploitation operation.
Associated: Rethinking Safety for Agentic AI
Associated: Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats
Associated: WormGPT 4 and KawaiiGPT: New Darkish LLMs Increase Cybercrime Automation
Associated: 5 Cybersecurity Predictions for 2026: Id, AI, and the Collapse of Perimeter Pondering
