THREAT OPS › Threat News › Threat Actors Actively Targeting LLMs
Threat Actors Actively Targeting LLMs
Our Ollama honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026. Buried in that data: two distinct campaigns that reveal how threat actors are systematically mapping the expanding surface area of AI deployments.
Original source: https://www.greynoise.io/blog/threat-actors-actively-targeting-llms