Enterprise Security Risks and Criminal Abuse of Large Language Models
The widespread integration of large language models (LLMs) into enterprise environments is introducing new security risks at every layer of the technology stack. Security leaders are being urged to rethink traditional trust boundaries, as LLMs can alter assumptions about data handling, application behavior, and internal controls. Key risks include prompt injection, sensitive data leakage through inputs and outputs, and fragmented ownership of LLM-related security responsibilities. Experts emphasize the need to treat LLMs as untrusted compute and to enforce explicit policy and validation layers, rather than relying solely on prompt engineering or fine-tuning.
Meanwhile, cybercriminals are actively exploiting the popularity of LLMs by selling discounted access to mainstream AI tools such as ChatGPT, Perplexity, and Gemini on underground forums. These tools are being used by threat actors for a range of malicious activities, including phishing, reconnaissance, and automating cybercrime operations. The criminal use of LLMs lowers the barrier to entry for less-skilled attackers and enables more efficient execution of threat campaigns, highlighting the dual challenge of securing enterprise LLM deployments while monitoring their abuse in the cybercriminal ecosystem.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
2 events from the most recent confirmed update back to the earliest known activity.
eSentire reports underground sales of stolen and shared LLM accounts
eSentire reported that cybercriminals were selling access to ChatGPT, Perplexity, and Google AI accounts on underground markets at steep discounts. The report said threat actors were using stolen credentials, infostealer logs, and fraudulent payment methods to obtain accounts for phishing, malware development, and data theft.
DryRun Security publishes enterprise LLM risk guide
DryRun Security released a guide on securing enterprise LLM deployments, structured around the OWASP Top 10 for LLM Applications. The report outlined risks including prompt injection, sensitive data leakage, supply chain issues, data poisoning, and operational risks from agents and vector systems, and recommended layered controls and centralized trust boundaries.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
LLMs are everywhere in your stack and every layer brings new risk
helpnetsecurity.com
Open sourceHackers are Celebrating the Holidays Big this Year Selling ChatGPT, Perplexity and Gemini Subscriptions for 40% to 75% Off!
esentire.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Risks of Over-Reliance and Human Factors in Large Language Model Security
The widespread adoption of large language models (LLMs) in enterprise environments has introduced significant security challenges, particularly due to the tendency to over-rely on their outputs and the normalization of risky behaviors. Experts warn that treating LLMs as reliable and deterministic can lead to systemic vulnerabilities, as these models are inherently probabilistic and can be manipulated through techniques such as indirect prompt injection. This normalization of deviance—where unsafe practices become accepted due to a lack of immediate negative consequences—mirrors historical safety failures in other industries and is exacerbated when vendors make insecure design decisions by default. In addition to technical risks, human factors play a critical role in LLM security. Employees may inadvertently expose sensitive data by pasting it into public LLMs, blindly trust AI-generated outputs, or bypass security policies for convenience, making internal misuse a primary concern. While technical controls such as AI governance and access restrictions are important, organizations must also prioritize security awareness training to address the human side of LLM risk. Building a culture of responsible AI use is essential to mitigate both external threats and internal errors associated with LLM deployment.
Mar 21, 2026
Security Risks and Privacy Challenges of Large Language Models in AI Systems
Large language models (LLMs) present a dual-use dilemma in cybersecurity, as their capabilities can be leveraged for both defensive and offensive purposes. Security researchers have identified purpose-built malicious LLMs, such as WormGPT and KawaiiGPT, which are designed to facilitate cybercrime by generating convincing phishing content and rapidly producing or modifying malicious code. The thin line between beneficial and harmful use of LLMs is defined largely by developer intent and the presence or absence of ethical safeguards, raising concerns about the proliferation of offensive AI tools in the threat landscape. In addition to malicious use, LLMs face significant challenges in maintaining privacy and security due to contextual integrity failures and regulatory-driven censorship. Research from Microsoft highlights the need for AI agents to respect contextual privacy norms, as current models may inadvertently leak sensitive information. Meanwhile, the DeepSeek-R1 model demonstrates how geopolitical censorship mechanisms can introduce security flaws, such as insecure code generation and broken authentication, especially when handling politically sensitive prompts. These issues underscore the urgent need for robust privacy controls and security-aware development practices in the deployment of LLM-powered systems.
Mar 21, 2026
Security Risks and Operational Challenges in Large Language Model (LLM) Applications
Organizations deploying large language model (LLM) applications face significant security and operational risks, including unbounded resource consumption, novel attack vectors, and the need for advanced anomaly detection. Attackers can exploit LLMs by submitting massive, compute-intensive requests, leading to "denial of wallet" attacks that can drain cloud budgets and disrupt business operations. The OWASP Top 10 for LLMs highlights unbounded consumption as a critical vulnerability, emphasizing the importance of implementing resource controls and monitoring usage patterns to prevent financial and service impacts. Additionally, the Model Context Protocol (MCP) introduces new security challenges, as traditional rule-based and signature-based systems are inadequate for detecting sophisticated, context-dependent threats targeting LLM infrastructure. To address these evolving risks, security teams are adopting AI-driven anomaly detection and exposure management strategies that prioritize real, exploitable risks over alert volume. The shift from reactive monitoring to proactive observability and context-aware security is essential for protecting LLM-powered platforms. As threat actors increasingly leverage LLMs to enhance their campaigns, defenders must invest in specialized, security-focused LLMs and scalable infrastructure to keep pace with adversaries and safeguard critical AI assets.
Mar 21, 2026