Zenity Labs Reveals AI Infrastructure Weaponization

Zenity Labs revealed that attackers are weaponizing AI infrastructure, targeting exposed model gateways and unmanaged LLM endpoints. The firm's sensors detected thousands of real-world attacks, including exploitation of a critical LiteLLM remote-code-execution flaw (CVE-2026-40217) and use of the Strix autonomous pentesting tool. The findings highlight immediate operational and attack-surface risks for production AI deployments.

For practitioners: exposed model gateways and unmanaged LLM endpoints raise immediate operational and attack-surface risks for production AI deployments. According to Zenity Labs' research press release distributed via Business Wire and republished by multiple outlets , its global network of AI threat-intelligence sensors observed thousands of real-world attack attempts against enterprise AI infrastructure. The report attributes hundreds of exploitation attempts targeting CVE-2026-40217 , a critical remote-code-execution flaw in LiteLLM , beginning the same day the CVE was patched, and continued attempts over six weeks. Zenity's sensors also reported attackers deploying Strix an autonomous pentesting/agent tool , routing multi-agent workflows through exposed infrastructure, using exposed endpoints as free compute cryptomining-like activity , and inadvertently leaking development artifacts via OpenAI's Codex, the report states.