This talk was recorded at NDC Manchester in Manchester, England. 
#ndcmanchester #ndcconferences #developer #softwaredeveloper    

Attend the next NDC conference near you: 
https://ndcconferences.com
https://ndcmanchester.com/

Subscribe to our YouTube channel and learn every day:   
/            @NDC 

Follow our Social Media!

https://www.facebook.com/ndcconferences
https://twitter.com/NDC_Conferences
https://www.instagram.com/ndc_conferences/

#supplychain #ai 

We often think of supply chains in software as only dependencies but there is more than one way to get into an organisation from the outside.

With the help of AI, attackers are becoming faster, scaling wider and attacking with better accuracy and results.

In this session, Niall will show you how some of the old ways are being updated to harness AI, what new attacks are becoming mainstream and how attackers are exploiting people and perceptions to get inside organisations.

NDC Conferences

Supply chain attacks are evolving beyond traditional code injection to exploit human trust and AI systems. Attackers use vendor email compromise to steal credentials and redirect payments, deep fakes for impersonation in video calls, and malicious LLMs to automate phishing and malware creation. AI agents are vulnerable to cross-prompt injection attacks that trick them into leaking data or performing unauthorized actions. Recent incidents include the SolarWinds breach, North Korean job applicants using AI to pass interviews, and attacks condensing six-month campaigns into six hours using AI assistance. Defenders must share vulnerability information, keep humans in the loop with AI systems, and test security boundaries proactively.

Exploiting the supply chain - Niall Merrigan - NDC Manchester 2025