LLMjacking

An attack that weaponizes exposed, unauthenticated AI model servers (such as open-source Ollama instances) as the autonomous reasoning engine for multi-stage cyberattacks. Attackers use the compromised model to plan, execute, and refine attack strategies without using their own computational resources.
Hundreds of thousands of AI model servers are publicly accessible with no authentication, providing attackers with free, sophisticated compute for launching advanced campaigns. A single exposed model becomes a persistent threat multiplier across an organization's entire attack surface.
References
Auth0: LLMjacking and the Hidden Cost of a Stolen API Key
Sysdig: LLMjacking Evolved Research