Tools

Tools: Open Source 175k+ Publicly-exposed Ollama AI Instances Discovered

2026-01-31 0 views admin
Tools: Open Source 175k+ Publicly-exposed Ollama AI Instances Discovered

Security researchers have claimed around 175,000 Ollama systems worldwide are exposed, putting them at risk of all sorts of malicious activities. In fact, some are already being abused, and if you’re among those running an Ollama instance, you might want to consider reconfiguring it.

Recently, SentinelOne SentinelLABS and Censys discovered many businesses are running AI models locally (the AI listens only to the computer it’s running on, not the internet) using Ollama.

However, in around 175,000 cases, these are misconfigured to listen on all network interfaces, instead of just localhost, making the AI publicly accessible to anyone on the internet, without a password.

Many of these instances are running on home connections, VPS servers, or cloud machines, and around half allow “tool calling”, meaning their AI isn’t just answering questions, but also running code, calling APIs, and interacting with other systems.

Malicious actors who find these instances can abuse it to do different things and, according to Pillar Security, many are. In an attack called LLMjacking, these actors use other people’s electricity, bandwidth, and compute, to generate spam, malware content, and in some cases - to resell the access to other criminals.

To make matters worse, many systems are located outside normal enterprise security and lack the benefits of corporate firewalls, monitoring, authentication, and similar. All these things, together with the fact that many are sitting on residential IPs, makes them hard to track, and easy to abuse.

Furthermore, some systems are running uncensored models without any safety checks whatsoever, increasing the abuse potential.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Luckily, this isn’t a software bug or a vulnerability and can be addressed rather easily. Ollama already binds only to localhost (127.0.0.1) by default, meaning the problem starts with users exposing their instances to the internet without any protection. All users need to do is lock their instances down properly and they will be safe from LLMjacking.

➡️ Read our full guide to the best antivirus1. Best overall:Bitdefender Total Security2. Best for families:Norton 360 with LifeLock3. Best for mobile:McAfee Mobile Security

Source: HackerNews

🏷️ Tags

open sourcetoolsoftwareapi

More from Tools

Tools: How to generate a PDF from HTML in Node.js (without Puppeteer)

Tools: How to generate a PDF from HTML in Node.js (without Puppeteer)

2026-02-25 0
Tools: How I Manage AI Coding Rules Across Claude Code, Cursor, and Codex With One CLI

Tools: How I Manage AI Coding Rules Across Claude Code, Cursor, and Codex With One CLI

2026-02-25 0
Tools: Your Dev Tools Are Leaking Data. Here’s Why I Built Mine to Run Entirely in the Browser.

Tools: Your Dev Tools Are Leaking Data. Here’s Why I Built Mine to Run Entirely in the Browser.

2026-02-25 0
Tools: Vibe Coding is best for repid development but, most of programmer don't knows about .

Tools: Vibe Coding is best for repid development but, most of programmer don't knows about .

2026-02-25 0

Trending

1

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

2025-10-27 • 189 views
2

CVE-2025-43939: Dell Unity OS Command Injection (High)

2025-10-30 • 148 views
3

Google disputes false claims of massive Gmail data breach

2025-10-30 • 130 views
4

Microsoft: DNS outage impacts Azure and Microsoft 365 services

2025-10-30 • 88 views
5

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting

2025-11-25 • 81 views