
LLMs in Attacker Crosshairs, Warns Threat Intel Firm

Threat actors are hunting for misconfigured proxy servers to gain access to APIs for various LLMs. The post LLMs in Attacker Crosshairs, Warns Threat Intel Firm appeared first on SecurityWeek.

Threat actors have been probing misconfigured proxy servers that could provide them with access to LLM APIs, threat intelligence firm GreyNoise reports.

Between October 2025 and January 2026, the company’s honeypots captured over 91,000 attack sessions, including assaults associated with two campaigns.

The first started in October and relied on ProjectDiscovery’s OAST (Out-of-band Application Security Testing) infrastructure to exploit server-side request forgery (SSRF) vulnerabilities.

The campaign spiked over Christmas and most of the attacks had the same signature, suggesting automated tooling.

Based on the observed VPS-based attack infrastructure, GreyNoise believes that the campaign was conducted by security researchers or bug hunters, but does not exclude the possibility of a grey-hat operation.

The second campaign started on December 28 and involved 80,469 attack sessions over an 11-day period. The attackers were probing more than 70 LLM model endpoints, looking for misconfigurations that could leak access to commercial APIs, GreyNoise explains.

The attacks performed reconnaissance against models from OpenAI (GPT-4o and variants), Anthropic (Claude Sonnet, Opus, Haiku), Meta (Llama 3.x), DeepSeek (DeepSeek-R1), Google (Gemini), Mistral, Alibaba (Qwen), and xAI (Grok).

“Test queries stayed deliberately innocuous with the likely goal to fingerprint which model actually responds without triggering security alerts,” GreyNoise notes.

The attacks originated from two IP addresses associated with the exploitation of more than 200 vulnerabilities, including CVE-2025-55182 (React2Shell) and CVE-2023-1389, a command injection bug in TP-Link Archer AX21 routers.

According to GreyNoise, the campaign is likely mounted by a threat actor conducting reconnaissance to build a target list in preparation for a larger exploitation operation.
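The second campaign's pattern, a single source walking through many model names with harmless prompts, can be looked for in proxy logs by counting distinct models per source within a short window. The following is an added example, not code from GreyNoise or the original article; the JSON log format, field names, addresses, model labels and thresholds are all constructed assumptions.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample of LLM proxy access logs (JSON lines). The field names,
# addresses (documentation ranges) and model labels are assumptions.
SAMPLE_LOG = """\
{"ts": "2026-01-02T10:00:00", "src": "203.0.113.7", "model": "gpt-4o"}
{"ts": "2026-01-02T10:00:20", "src": "203.0.113.7", "model": "claude-sonnet"}
{"ts": "2026-01-02T10:00:40", "src": "203.0.113.7", "model": "llama-3"}
{"ts": "2026-01-02T10:01:00", "src": "203.0.113.7", "model": "deepseek-r1"}
{"ts": "2026-01-02T10:01:20", "src": "203.0.113.7", "model": "gemini"}
{"ts": "2026-01-02T10:01:40", "src": "203.0.113.7", "model": "qwen"}
{"ts": "2026-01-02T10:00:05", "src": "198.51.100.20", "model": "gpt-4o"}
{"ts": "2026-01-02T10:03:00", "src": "198.51.100.20", "model": "gpt-4o"}
{"ts": "2026-01-02T08:00:00", "src": "198.51.100.33", "model": "gpt-4o"}
{"ts": "2026-01-02T10:30:00", "src": "198.51.100.33", "model": "gemini"}
{"ts": "2026-01-02T13:00:00", "src": "198.51.100.33", "model": "qwen"}
this line is malformed
"""

def parse(log_text):
    """Yield (timestamp, source, model) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        try:
            rec = json.loads(line)
            yield datetime.fromisoformat(rec["ts"]), rec["src"], rec["model"].lower()
        except (ValueError, KeyError, TypeError, AttributeError):
            continue

def find_model_enumeration(log_text, window=timedelta(minutes=10), min_models=5):
    """Return {source: sorted models} for sources that requested at least
    min_models distinct models inside any sliding window of the given length."""
    recent = defaultdict(deque)  # source -> (timestamp, model) pairs in window
    flagged = {}
    for ts, src, model in sorted(parse(log_text)):
        q = recent[src]
        q.append((ts, model))
        while ts - q[0][0] > window:  # drop requests older than the window
            q.popleft()
        models = {m for _, m in q}
        # Breadth of models is the signal; prompt content is not inspected.
        if len(models) >= min_models and len(models) > len(flagged.get(src, ())):
            flagged[src] = sorted(models)
    return flagged

if __name__ == "__main__":
    for src, models in find_model_enumeration(SAMPLE_LOG).items():
        print(src, "requested", len(models), "models:", ", ".join(models))
```

The window and threshold need tuning against a deployment's own traffic, since a legitimate multi-model client or evaluation harness will also touch several models in quick succession.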
