A new botnet, dubbed NadMesh, is scanning the internet for exposed AI services and harvesting cloud keys and Kubernetes tokens found on them, per The Hacker News. The details available are thin -- no confirmed victim count, no attributed actor -- but the targeting logic is the story: this isn't a generic web-crawler botnet, it's built to hunt the specific class of infrastructure that companies stood up in the last two years to run AI workloads.
This is the predictable next step in a pattern SOVEREIGN SIGNAL has flagged repeatedly: security tooling lags adoption speed by roughly 18-24 months, and attackers exploit exactly that gap. Teams raced to stand up AI inference endpoints, vector databases, and model-serving APIs under deadline pressure, often skipping the hardening checklist that governs traditional prod services -- because "it's just a demo" or "it's internal-only" until it isn't. Exposed dashboards and misconfigured endpoints are old news; what's new is that those endpoints now sit directly next to cloud IAM credentials and Kubernetes service tokens, which turns a minor misconfiguration into a full cloud-account compromise. Botnets that specialize in a niche (Mirai went after IoT, this one goes after AI infra) tend to signal that the niche has become common enough, and lucrative enough, to justify purpose-built tooling.
The SAL read: if your company shipped any AI feature in the last year, assume someone is already scanning for it -- audit every AI-adjacent endpoint's network exposure and credential scope this week, not next quarter.