hacker news today - a researcher scanned 1 million exposed ai services. n8n and flowise instances open to the internet without auth. the report is what every ciso forwards to their team this week. what the scan found n8n instances with admin pages on port 5678, no auth flowise builders exposing api keys in workflow exports ollama servers exposing the model api at port 11434, no auth langflow instances with anonymous tool execution these are all 'just for prototyping' instances that someone forgot to shut down. what the buyer fear sounds like 'how do we know we don't have one of these.' what the bizsuite ai-audit kit answers agent inventory script that scans the org's cloud + repo footprint for self-hosted ai services exposure check that flags any service answering on a public ip without auth remediation playbook (close the port, add auth, log the access) a procurement-ready report saying 'we audited, here are the findings, here's the fix' 4 hours. $997.…