
How should teams stop LLMjacking when NHI secrets leak?


(@entro)
Reputable Member
Joined: 1 year ago
Posts: 92
Topic starter  

TL;DR: Exposed AWS credentials were probed in an average of 17 minutes and sometimes in just 9, and attackers then enumerated model access before attempting unauthorized AI invocations, according to Entro Security. The lesson is clear: LLMjacking is an NHI governance problem, not just a cloud misconfiguration problem.

NHIMG editorial — based on research published by Entro Security.

Questions worth separating out

Q: How should teams stop LLMjacking when NHI secrets leak?

A: Teams should assume leaked machine credentials will be tested quickly, then combine secret discovery, immediate revocation, least privilege, and runtime monitoring for AI endpoints.

Q: Why does LLMjacking matter for IAM and NHI governance?

A: LLMjacking turns credential hygiene into a direct control over AI abuse, cloud spend, and policy enforcement.

Q: What is the difference between secrets rotation and least privilege for AI workloads?

A: Secrets rotation reduces how long an exposed credential stays usable, while least privilege limits what that credential can do if it is stolen.

Practitioner guidance

  • Implement continuous secret discovery: scan repositories, logs, paste services, and collaboration channels for exposed AWS keys and other NHI secrets, then trigger immediate revocation workflows when a match appears.
  • Reduce AI permissions to the minimum scope: separate model invocation rights from unrelated cloud permissions and remove broad entitlements that let a single secret reach storage, billing, and AI endpoints.
  • Alert on model enumeration behaviour: watch for low-noise calls that reveal available foundation models, account value, or permission scope before any high-volume inference activity starts.

Security programmes should measure leak-to-revocation time as a first-class control metric.

👉 Read Entro Security's analysis of LLMjacking and compromised AWS NHIs →

(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5343
 

A few things worth adding from our research at NHI Mgmt Group.

LLMjacking is an identity governance failure first and an AI abuse problem second. The moment a non-human credential can reach model endpoints, the security boundary shifts from application logic to secret hygiene, scope control, and revocation speed. That means IAM teams cannot treat GenAI access as an isolated service integration. They have to govern it as part of the overall NHI estate, or the exposure window becomes the control failure.

A few things that frame the scale:

A question worth separating out:

Q: When should organisations treat model enumeration as suspicious?

A: Organisations should treat model enumeration as suspicious whenever it comes from a machine identity that normally performs routine automation, especially if it appears before any normal application workload. That pattern often means an attacker is mapping the value of the account before attempting unauthorized AI use.

👉 Read our full editorial: LLMjacking turns exposed NHI secrets into rapid AI abuse
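As an added example (not code from either post, NHI Mgmt Group, or Entro Security), the detection logic for the enumeration pattern described in this answer and in the practitioner guidance in the opening post, run over constructed CloudTrail-like records: an identity with no Bedrock history that lists models, and escalated when that happens before any inference call from the same identity. The event names, role names and timestamps are assumed for illustration.

```python
from datetime import datetime

# Bedrock control-plane calls that reveal which models an account can reach,
# and the data-plane calls that actually consume model capacity.
ENUMERATION_EVENTS = {"ListFoundationModels", "GetFoundationModel"}
INFERENCE_EVENTS = {"InvokeModel", "InvokeModelWithResponseStream"}
BEDROCK = "bedrock.amazonaws.com"

# Constructed sample events (CloudTrail-like, not real telemetry).
# ci-deploy-role normally only touches S3; ml-gateway-role already uses Bedrock.
SAMPLE_EVENTS = [
    {"time": "2024-05-01T09:00:00Z", "identity": "ci-deploy-role", "eventSource": "s3.amazonaws.com", "eventName": "PutObject"},
    {"time": "2024-05-01T09:05:00Z", "identity": "ml-gateway-role", "eventSource": BEDROCK, "eventName": "InvokeModel"},
    {"time": "2024-05-02T03:14:00Z", "identity": "ci-deploy-role", "eventSource": BEDROCK, "eventName": "ListFoundationModels"},
    {"time": "2024-05-02T03:15:00Z", "identity": "ci-deploy-role", "eventSource": BEDROCK, "eventName": "GetFoundationModel"},
    {"time": "2024-05-02T03:20:00Z", "identity": "ci-deploy-role", "eventSource": BEDROCK, "eventName": "InvokeModel"},
    {"time": "2024-05-02T05:00:00Z", "identity": "batch-report-role", "eventSource": BEDROCK, "eventName": "InvokeModel"},
    {"time": "2024-05-02T05:01:00Z", "identity": "batch-report-role", "eventSource": BEDROCK, "eventName": "ListFoundationModels"},
    {"time": "2024-05-02T10:00:00Z", "identity": "ml-gateway-role", "eventSource": BEDROCK, "eventName": "ListFoundationModels"},
]

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")

def build_baseline(events, cutoff):
    """Per identity: the set of event sources seen before `cutoff`, i.e. its routine profile."""
    baseline = {}
    for e in events:
        if _ts(e["time"]) < _ts(cutoff):
            baseline.setdefault(e["identity"], set()).add(e["eventSource"])
    return baseline

def detect_enumeration(events, cutoff):
    """Alert when an identity with no Bedrock history enumerates models after `cutoff`.
    Severity is 'high' if the enumeration precedes that identity's first inference call
    in the window (account mapping before use), otherwise 'medium'."""
    baseline = build_baseline(events, cutoff)
    alerts, seen_inference = [], set()
    for e in sorted(events, key=lambda x: _ts(x["time"])):
        if _ts(e["time"]) < _ts(cutoff):
            continue
        ident = e["identity"]
        if e["eventName"] in INFERENCE_EVENTS:
            seen_inference.add(ident)
        elif e["eventName"] in ENUMERATION_EVENTS and BEDROCK not in baseline.get(ident, set()):
            alerts.append({"identity": ident, "time": e["time"], "eventName": e["eventName"],
                           "severity": "high" if ident not in seen_inference else "medium"})
    return alerts

if __name__ == "__main__":
    for alert in detect_enumeration(SAMPLE_EVENTS, "2024-05-02T00:00:00Z"):
        print(alert)
```

In practice the baseline would come from a longer history than one day, and the alert would be joined with the source IP and revocation workflow so leak-to-revocation time can be measured from it.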
