Security researchers have documented a surge in coordinated attacks against AI infrastructure, with more than 91,000 malicious sessions logged between October 2025 and January 2026 The analysis reveals two distinct threat campaigns that systematically exploit the expanded attack surface of AI deployments.
Attack event details:
Campaign #1: Targeting Ollama model pull functionality and Twilio SMS webhook integration, attackers injected malicious registry URLs that generated 1,688 sessions in 48 hours over the Christmas period
Campaign 2: Launched on December 28, 2025, two IP addresses launched 80,469 sessions over 11 days to 73+ large language model endpoints to systematically scout for misconfigured proxies
Objective scope: to test OpenAI-compatible and Google Gemini API formats, covering the major model families GPT-4o, Claude, Llama, DeepSeek, Gemini, Mistral, Qwen and Grok