{
  "name": "jake.sc threat-intel feeds",
  "description": "Static STIX 2.1 bundles published from research on this site.",
  "feeds": [
    {
      "slug": "llm-exposed-capable",
      "title": "Internet-exposed capable LLM inference servers",
      "description": "Hosts running an open-default LLM inference framework (Ollama, llama.cpp, LocalAI) reachable on the public internet, serving at least one capability-threshold model (general-purpose ≥30B params or code-specialised ≥7B params). This is the broader \"capable subset\" the source article recommends as the primary defender-side IoC feed (§4.2): outbound connections from defended networks to listed endpoints should be treated as indicators of compromise by default, regardless of the host's patch state or apparent operator.",
      "version": "2026.06.08",
      "valid_from": "2026-06-08",
      "author": "Jake Scott",
      "tlp": "white",
      "labels": [
        "exposed-inference",
        "capable"
      ],
      "license": "CC-BY-4.0",
      "url": "https://jake.sc/feeds/llm-exposed-capable.json",
      "source_post": "https://jake.sc/writing/llm-exposed/"
    },
    {
      "slug": "llm-exposed-tier1",
      "title": "Internet-exposed Tier 1 capable LLM inference servers",
      "description": "Hosts running an open-default LLM inference framework (Ollama, llama.cpp, LocalAI) reachable on the public internet, serving at least one Tier 1 capable model (general-purpose ≥70B params or code-specialised ≥30B params). Recommended use: treat outbound connections to listed endpoints from defended networks as indicators of compromise. See linked article for methodology.",
      "version": "2026.06.08",
      "valid_from": "2026-06-08",
      "author": "Jake Scott",
      "tlp": "white",
      "labels": [
        "exposed-inference",
        "tier-1"
      ],
      "license": "CC-BY-4.0",
      "url": "https://jake.sc/feeds/llm-exposed-tier1.json",
      "source_post": "https://jake.sc/writing/llm-exposed/"
    }
  ]
}