Saved February 14, 2026
Do you care about this?
Security researchers found multiple vulnerabilities in Ollama and in NVIDIA's Triton Inference Server, at least one of which could allow remote code execution. Both vendors have patched the flaws, but the findings highlight growing security concern around AI infrastructure and a shift in research focus from exploiting models to exploiting the infrastructure that serves them.
If you do, here's more
Security researchers recently uncovered multiple vulnerabilities in AI infrastructure products, specifically Ollama and NVIDIA's Triton Inference Server. One of the flaws allows remote code execution, raising serious concerns about the security of widely deployed AI serving software. Although both companies have patched the vulnerabilities, the findings illustrate a growing trend in AI security research: attention is moving to the infrastructure that runs the models, not just the models themselves.
Experts like Ventuzelo emphasize this shift in research priorities. Early work centered on prompt injection, in which attackers manipulate a model into taking unintended actions. Now that companies are running their own models, the underlying infrastructure has become a more attractive target. Ventuzelo notes that an Ollama server exposed inside a corporate environment becomes a new component of the organization's attack surface.
Upcoming talks at Black Hat Europe will cover these vulnerabilities, some of which were identified during the Pwn2Own Berlin 2025 competition. Ventuzelo stresses the importance of access control and containerization for AI infrastructure: organizations should run their AI systems in isolated environments, reachable only by the clients that need them, so that a compromised inference server cannot be reached or leveraged from the rest of the network. This shift from model vulnerabilities to infrastructure security matters more as AI is integrated into everyday business operations.
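The first practical step behind that advice is knowing whether an inference server is listening beyond localhost at all. The script below is an added example written for this article; it is not code from Ollama, NVIDIA, or the researchers cited. It assumes the vendors' default ports (Ollama 11434; Triton 8000 for HTTP, 8001 for gRPC, 8002 for metrics) and parses constructed samples of `ss -ltn` output and of `docker ps` port mappings, flagging any of those ports bound to a wildcard or non-loopback address.

```python
"""Flag Ollama / Triton listeners exposed beyond loopback, from `ss -ltn`
output and from `docker ps` port mappings.

Added example for this article, not vendor code. Assumptions: vendor default
ports (Ollama 11434; Triton 8000 HTTP, 8001 gRPC, 8002 metrics). The sample
outputs below are constructed, not captured from a real host.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Default listening ports, keyed to the service they usually indicate.
AI_SERVICE_PORTS = {
    11434: "ollama",
    8000: "triton-http",
    8001: "triton-grpc",
    8002: "triton-metrics",
}

# Matches '0.0.0.0:8000', '[::]:8001', '[::1]:11434' and '*:11434'.
_HOSTPORT = re.compile(r"^\[?([^\]]*?)\]?:(\d+)$")


@dataclass(frozen=True)
class Finding:
    service: str
    bind: str      # address the socket is bound to on the host
    port: int      # host-side port
    source: str    # "ss" or "docker"


def split_hostport(text: str) -> Optional[Tuple[str, int]]:
    """Split an ss/docker 'addr:port' token; '*' and '::' are kept as written."""
    m = _HOSTPORT.match(text)
    return (m.group(1), int(m.group(2))) if m else None


def is_loopback(addr: str) -> bool:
    """True only for loopback binds; wildcards ('*', 0.0.0.0, ::) are exposed."""
    if addr == "localhost":
        return True
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:   # '*' or anything that is not an IP literal
        return False


def audit_ss(ss_output: str) -> List[Finding]:
    """Parse `ss -ltn` lines; flag known AI ports bound beyond loopback."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        parsed = split_hostport(fields[3])   # Local Address:Port column
        if not parsed:
            continue
        bind, port = parsed
        service = AI_SERVICE_PORTS.get(port)
        if service and not is_loopback(bind):
            findings.append(Finding(service, bind, port, "ss"))
    return findings


def audit_docker(ps_output: str) -> List[Finding]:
    """Parse tab-separated 'name<TAB>ports' lines as printed by
    docker ps --format with .Names and .Ports. The container port identifies
    the service; the host side of 'host:port->cport/proto' decides exposure.
    A container is not isolated if its port is published on 0.0.0.0."""
    findings = []
    for line in ps_output.splitlines():
        if "\t" not in line:
            continue
        _name, ports = line.split("\t", 1)
        for mapping in ports.split(","):
            mapping = mapping.strip()
            if "->" not in mapping:      # e.g. '8002/tcp': exposed, not published
                continue
            host_side, container_side = mapping.split("->", 1)
            service = AI_SERVICE_PORTS.get(int(container_side.split("/")[0]))
            parsed = split_hostport(host_side)
            if service and parsed and not is_loopback(parsed[0]):
                findings.append(Finding(service, parsed[0], parsed[1], "docker"))
    return findings


# Constructed sample output: Ollama bound to loopback (fine), Triton HTTP and
# gRPC bound to every interface (flagged), sshd ignored as an unknown port.
SAMPLE_SS = """\
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port  Process
LISTEN  0       4096    127.0.0.1:11434     0.0.0.0:*
LISTEN  0       4096    0.0.0.0:8000        0.0.0.0:*
LISTEN  0       4096    [::]:8001           [::]:*
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
"""

# Constructed sample: Ollama container published on all interfaces (flagged),
# Triton published only on loopback with metrics not published at all.
SAMPLE_DOCKER = """\
ollama\t0.0.0.0:11434->11434/tcp, [::]:11434->11434/tcp
triton\t127.0.0.1:8000->8000/tcp, 8002/tcp
"""

if __name__ == "__main__":
    for f in audit_ss(SAMPLE_SS) + audit_docker(SAMPLE_DOCKER):
        print(f"EXPOSED {f.service:<15} {f.bind}:{f.port} (via {f.source})")
```

On a real host, feed it `ss -ltn` and `docker ps --format '{{.Names}}\t{{.Ports}}'`. The Docker case is the one that surprises people: a port published on `0.0.0.0` is reachable from the network even when a host firewall such as ufw appears to block it, because Docker inserts its own iptables rules ahead of it, so "it runs in a container" is not isolation by itself. Bind inference servers to loopback or a private interface (for Ollama, via `OLLAMA_HOST`) and put an authenticating reverse proxy in front if other hosts need access.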