Long time hacker and former developer working at IBM X-Force doing Incident Response.
Hacking for the fun of it and always trying to building cool stuff.
EMAIL:
davidsonmizael@gmail.com
Resumen de la Charla
In this presentation I’ll go through the process of how you could possibly exploit this vulnerability in one of thousands servers exposed to the internet running the top one tool in the world for self hosting AI models. The process I’ll demonstrate in this presentation involves exploring vulnerable by default decisions to achieve total control of this model serving tool, and the vulnerability research I have done on top of this tool that led me to find 7 0day vulnerabilities that allows anyone to achieve the following results:
– Free token usage – Cause unavailability in the servers – Steal top of the market secret models – Cause chaos within dependent services with a model defacement – Craft a supply attack
CHARLA
Sábado 8 de Agosto de 2026 14:30 a 15:00
Self Hosting Nightmare - Exploiting AI models for supply chain attacks.