6 min read
Research A Wake Forest University empirical study found 282 of 444 iOS AI apps expose exploitable LLM credentials through network traffic. Three months after responsible disclosure, 72% remained vulnerable.
A Wake Forest University empirical study found 282 of 444 iOS AI apps expose exploitable LLM credentials through network traffic. Three months after responsible disclosure, 72% remained vulnerable.
Sysdig researchers have documented a threat actor weaponising misconfigured Ollama model servers as the reasoning engine for an autonomous multi-stage penetration testing framework called VAPT, marking a significant shift in how stolen AI compute is being used.
Sysdig caught a threat actor using a misconfigured Ollama instance as the reasoning engine for an automated offensive pentesting framework — a significant escalation from credential theft to weaponised AI infrastructure.