Open Source, AI and the New Attack Surface
Open source and artificial intelligence are redefining the software security landscape. As AI accelerates development and exploitation, the open-source ecosystem has become a powerful engine of innovation and a growing attack surface. In this SafeDev Talks episode, security leaders from Red Hat, TikTok, and Xygeni (https://xygeni.io/) break down how AI-driven threats are targeting open-source dependencies, pipelines, and machine learning models, and what defenders must do to stay ahead.

Featuring Roman Zhukov (Security & Privacy Leader, Red Hat), Leon Johnson (Offensive Security & Privacy Lead, TikTok), and Luis Rodríguez Berzosa (CTO, Xygeni), this session explores how AI is reshaping open-source software security, from AI-driven supply chain attacks and real-world exploitation examples to weaponized code, dependency poisoning, and model manipulation. The discussion highlights how AppSec and DevSecOps teams can leverage AI for detection and auto-remediation, along with best practices for securing OSS dependencies and machine learning models within CI/CD pipelines. You'll also learn how to build AI-native, resilient, and transparent software supply chains, supported by expert insights from leaders securing high-scale, global platforms.

This session delivers practical guidance for AppSec engineers, DevSecOps practitioners, security architects, and platform teams building applications in the AI era.
Key Takeaways
• Understand the new AI-powered attack surface in open source
• Detect and mitigate AI-driven OSS supply chain threats
• Apply AI responsibly for vulnerability detection and remediation
• Strengthen software supply chain resilience with modern security controls
• Learn from experts securing AI-native systems in production

This episode is essential for anyone focused on: AI Security, Open Source Security, Software Supply Chain Security, DevSecOps, AppSec, ML Security, CI/CD Security, and Continuous Security.


