Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Last Tuesday, a platform security engineer at a mid-size fintech company ran a routine audit on their production Kubernetes clusters. The audit surfaced three LangChain-based agents, two vLLM inference servers, and a Model Context Protocol (MCP) tool runtime. None had been reported by the development teams. None appeared in any security inventory. All had been running for weeks. One of the agents had been making outbound API calls to a third-party data enrichment service every four minutes.

You’re evaluating AI workload security tools and every demo looks the same. Vendor A shows you an AI-SPM dashboard. Vendor B shows you a nearly identical AI-SPM dashboard with slightly different branding. Vendor C shows you posture findings with an “AI workload” tag that wasn’t there last quarter.

A sales rep opened Glean—an AI-powered enterprise search platform that connects to your company's SaaS apps and lets anyone query across all of them in natural language—typed "Who are my top 10 customers?" and got a clean, formatted list pulled from Salesforce, cross-referenced with HubSpot, and confirmed against data sitting in Google Drive. They copy-pasted that list into a personal Gmail draft. No alerts fired. No policies triggered. No one noticed. This isn't a hypothetical.

You track your web applications. You inventory your APIs. But is anybody monitoring your AI servers? Just last week research found that there were more than 175,000 exposed versions of Ollama, an AI server popular for self-hosting LLMs. Across enterprises, self-hosted model servers are being deployed on cloud VMs and GPU-backed instances to power copilots, internal automation, and experimental AI features.

Earlier this year, AWS experienced a 13-hour outage that was reportedly linked to one of its own internal AI coding tools. Apparently, their Kiro agentic coding tool thought that there was an issue with the code in the environment, and that the best way to fix it was to simply burn it to the ground.

If you’re like me, you’ve been enthralled with the recent story, expertly written by Sean Hollister at The Verge, about how Sammy Azdoufal built a remote control for his DJI Romo vacuum with a PlayStation controller, and ended up in control of 7,000+ robovacs all over the world. On the surface, it sounds like vibe coding gone slightly sideways. I mean, really, what could a vacuum possibly do? Turns out… a lot.