Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Over the last decade, cloud computing has become the backbone of modern business, transforming how organizations operate and scale. Companies rely heavily on cloud services, with most of their applications and workloads migrating to efficient platforms like AWS due to the increased remote working requirements and demand for scalable, flexible, and cost-effective solutions that support business continuity and growth.

Scammers are taking advantage of the newfound popularity of the China-based AI app DeepSeek, according to researchers at ESET. DeepSeek released its generative AI tool last month, and it’s since overtaken ChatGPT as the top free app in Apple’s App Store. Users are now spotting lookalike domains designed to deliver malware or steal information. Other scams offer users the opportunity to buy phony stocks in DeepSeek.

Just when CIOs and CISOs thought they were getting a grip on API security, AI came along and shook things up. In the past few years, a huge number of organizations have adopted AI, realizing innumerable productivity, operational, and efficiency benefits. However, they’re also having to deal with unprecedented API security challenges. Wallarm’s Annual 2025 API ThreatStats Report reveals a staggering 1,025% year-on-year increase in AI-related API vulnerabilities.

The explosion of AI has led to the creation of tools that make it more accessible, leading to more adoption and more numerous, less sophisticated users. As with cloud computing, that pattern of growth leads to misconfigurations and, ultimately, leaks. One vector for AI leakage is exposed Ollama APIs that allow access to running AI models. Those exposed APIs create potential information security problems for the models’ owners.

Since the Sysdig Threat Research Team (TRT) discovered LLMjacking in May 2024, we have continued to observe new insights into and applications for these attacks. Large language models (LLMs) are rapidly evolving and we are all still learning how best to use them, but in the same vein, attackers continue to evolve and grow their use cases for misuse.

Are your employees accessing restricted websites during work hours? Unrestricted web access on company devices can lead to decreased productivity and increased security risks. For businesses, controlling online activity on work-issued Android phones and tablets is essential to maintaining a secure and focused work environment.