Cybercriminals are abusing exposed enterprise AI backends, including Ollama and LiteLLM endpoints observed between March and May 2026, to run autonomous penetration-testing agents, offensive tooling, and reconnaissance workflows without first compromising the victim organization’s network. The...