LLMs in Attacker Crosshairs, Warns Threat Intel Firm

LLMs in Attacker Crosshairs, Warns Threat Intel Firm

Posted on By CWS

Risk actors have been probing misconfigured proxy servers that might present them with entry to LLM APIs, risk intelligence agency GreyNoise experiences.

Between October 2025 and January 2026, the corporate’s honeypots captured over 91,000 assault periods, together with assaults related to two campaigns.

The primary began in October and relied on ProjectDiscovery’s OAST (Out-of-band Software Safety Testing) infrastructure to use server-side request forgery (SSRF) vulnerabilities.

The marketing campaign spiked over Christmas and a lot of the assaults had the identical signature, suggesting automated tooling.

Primarily based on the noticed VPS-based assault infrastructure, GreyNoise believes that the marketing campaign was carried out by safety researchers or bug hunters, however doesn’t exclude the potential of a grey-hat operation.

The second marketing campaign began on December 28 and concerned 80,469 assault periods over an 11-day interval. The attackers had been probing greater than 70 LLM mannequin endpoints, on the lookout for misconfigurations that might leak entry to industrial APIs, GreyNoise explains.Commercial. Scroll to proceed studying.

The assaults carried out reconnaissance in opposition to fashions from OpenAI (GPT-4o and variants), Anthropic (Claude Sonnet, Opus, Haiku), Meta (Llama 3.x), DeepSeek (DeepSeek-R1), Google (Gemini), Mistral, Alibaba (Qwen), and xAI (Grok).

“Take a look at queries stayed intentionally innocuous with the probably aim to fingerprint which mannequin truly responds with out triggering safety alerts,” GreyNoise notes.

The assaults originated from two IP addresses related to the exploitation of greater than 200 vulnerabilities, together with CVE-2025-55182 (React2Shell) and CVE-2023-1389, a command injection bug in TP-Hyperlink Archer AX21 routers.

Based on GreyNoise, the marketing campaign is probably going mounted by a risk actor conducting reconnaissance to construct a goal listing in preparation for a bigger exploitation operation.

Associated: Rethinking Safety for Agentic AI

Associated: Chrome Extensions With 900,000 Downloads Caught Stealing AI Chats

Associated: WormGPT 4 and KawaiiGPT: New Darkish LLMs Increase Cybercrime Automation

Associated: 5 Cybersecurity Predictions for 2026: Id, AI, and the Collapse of Perimeter Pondering

Security Week News Tags:, , , , , ,

Related Posts

Android Crypto Wallets at Risk Due to SDK Flaw Android Crypto Wallets at Risk Due to SDK Flaw Security Week News
Over 300,000 Individuals Impacted by Vitas Hospice Data Breach Over 300,000 Individuals Impacted by Vitas Hospice Data Breach Security Week News
Checkmarx Supply Chain Attack Leads to Data Breach Checkmarx Supply Chain Attack Leads to Data Breach Security Week News
Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm Tens of Thousands of Malicious NPM Packages Distribute Self-Replicating Worm Security Week News
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Security Week News
Quest KACE Security Flaw Potentially Exploited by Hackers Quest KACE Security Flaw Potentially Exploited by Hackers Security Week News