Among them, 23,000 hosts were persistently responsible for the majority of activity observed over 293 days of scanning.
January 30, 2026 By Ionut Arghire
SentinelOne and Censys identified AI infrastructure spanning 175,000 exposed Ollama hosts, operating without the typical guardrails and monitoring that providers implement.
Over 293 days of research, the security firms made 7.23 million observations distributed across 130 countries and 4,032 autonomous system numbers (ASNs), with 23,000 hosts accounting for most of the activity.
Roughly half of the identified hosts could execute code, access APIs, and interact with external systems, SentinelOne says.
The cybersecurity firm explains that a small set of transient hosts accounted for most of the observed activity. Specifically, 13% of the hosts appeared in more than 100 observations (generating nearly 76% of the activity).