Sysdig researchers have documented a threat actor weaponising misconfigured Ollama model servers as the reasoning engine for an autonomous multi-stage penetration testing framework called VAPT, marking a significant shift in how stolen AI compute is being used.