Attackers Use LLM Agent After Marimo Exploit | Let's Data Science
Source: Letsdatascience
Published:
<p>Per Sysdig, an unknown threat actor used a large language model (LLM) agent to drive post-compromise activity after exploiting a public Marimo notebook via CVE-2026-39987 on May 10, 2026. Sysdig reported the intruder extracted two cloud credentials, replayed them through a fanned-out egress pool