Attackers Targeting LLMs in Widespread Campaign

Cybersecurity researchers have uncovered widespread reconnaissance campaigns targeting large language models (LLMs), indicating plans for future cyberattacks. The campaigns involved probing major LLM families and exploiting SSRF vulnerabilities, highlighting the expanding attack surface of AI systems. #GreyNoise #CVEExploitations

Keypoints

Threat actors are conducting systematic reconnaissance on major LLMs like GPT-4o, Anthropic, and Google Gemini.
The campaigns involved hundreds of thousands of sessions aimed at discovering misconfigured proxy servers.
Attackers used innocuous queries to fingerprint models without activating security alerts.
A second campaign targeted SSRF vulnerabilities using automated tooling like Nuclei.
Organizations are advised to implement strict access controls, monitor request patterns, and block callback channels to mitigate risks.

SHARE THIS STORY

WhatsApp X (Twitter)Telegram Bluesky Facebook LinkedIn Threads Email Print