New cyber attack 'LLMjacking' targets cloud-based large language model services through stolen credentials.

Attackers exploit vulnerabilities in the Laravel Framework to hijack cloud-hosted LLMs.

LLMjacking employs tools like Python scripts for key validation and reverse proxies to maintain access without exposing stolen credentials.

The aim is to monetize the LLMs while incurring substantial costs to the victim's organization, disrupting operations.

Mitigation strategies include enabling detailed logging, monitoring for unusual activity, and strong vulnerability management.