Threat Actors Launch Mass Reconnaissance of AI Systems

More Than 91,000 Attacks Target Exposed LLM Endpoints in Coordinated Campaigns Rashmi Ramesh (rashmiramesh_) • January 12, 2026

A large scale reconnaissance campaign targeting major commercial model providers is likely meant to map the expanding surface areas of artificial intelligence deployments.

See Also: On-Demand | NYDFS MFA Compliance: Real-World Solutions for Financial Institutions

Security monitoring platform GreyNoise captured 91,403 attack sessions against its Ollama honeypot infrastructure from October through this month, revealing two operations systematically looking for AI deployment vulnerabilities. The campaigns hit models from OpenAI, Anthropic, Meta, Google, DeepSeek, Mistral, Alibaba and xAI.

One of the campaigns generated particular concern among security researchers. Two internet protocol addresses launched on Dec. 28 methodically probed against more than 73 large language model endpoints over 11 days, creating 80,469 sessions that tested API formats for OpenAI and Google Gemini.

The attackers used innocuous test queries to avoid ...