AI gateways are rapidly becoming a crucial component in managing access to foundation models across organizations. However, they are also emerging as significant security risks. A recent investigation by Darktrace revealed a breach where an attacker accessed an Amazon EC2 server hosting an AI gateway connected to Amazon Bedrock services. The intruder used this access to deploy cryptomining software, highlighting the potential for more severe attacks such as data theft or manipulation of AI workflows. Nathaniel Jones, vice president, security and AI strategy at Darktrace, warns that this incident is just a glimpse of the broader risks that AI gateways pose. These gateways sit at the intersection of identity, cloud infrastructure, and proprietary data, making them attractive targets for attackers seeking to exploit centralized AI access. The compromised system in this incident likely functioned as an AI gateway, revealing the broad range of enterprise assets at risk. Although the attacker's initial access was possibly gained through brute-force login attempts, the potential impact extended far beyond cryptomining. Sensitive information such as API keys and cloud credentials could have been exposed, and attackers might have used identity and access management roles to further infiltrate the cloud environment. The true danger lies in what could have happened if the attackers had leveraged the AI gateway more strategically. Unlike the relatively easy-to-detect cryptomining, credential theft and cloud persistence could have resulted in much more damaging outcomes. AI gateways consolidate functions that were once spread across multiple systems, making them valuable targets. They provide centralized access to various AI providers, API credentials, and internal enterprise knowledge, effectively turning them into mini supply chains. To mitigate these risks, organizations should avoid granting broad IAM permissions and exposing management interfaces to the Internet. Implementing short-lived API keys, segmenting AI infrastructure, and monitoring AI-specific activities are also recommended strategies. Treating AI gateways as privileged cloud assets will be essential as they become more entrenched in organizational infrastructure.