2026-06-08, Frannz Salon
Discover how attackers can manipulate AI coding assistants through hidden text, typosquatting and code errors. Learn to detect concealed instructions and set up trusted dependencies to keep unsafe code out of your environment.
Do you trust your AI coding assistant? What if I told you that attackers have found ways to manipulate it and attack your code? With everyone now using AI coding assistants, it’s time to look at the risks!
During this talk I’ll show you several new techniques attackers are already using. This will range from hidden messages (ASCII smuggling) to abusing mistyping and characters that look the same (typosquatting). I will also show how an LLM can make mistakes when generating code (hallucinations). Did you know that a smart attacker can abuse this too?
When you join this talk, you’ll learn how to spot hidden text in your instruction file and prompts. I will also explain how to set up a trusted dependency repository to prevent the wrong code from entering your production environment!
Since 2012 I’ve been working in the field of IT in different positions. Now I am the product lead Automation + AI for the transformation department of OGD ict-diensten. I’m responsible for the propositions regarding Power Platform, AI and Automation. Besides that, I also consult a multitude of customers about these topics and their cloud platforms. Due to the broad range of topics I work with on a daily basis, I’ve developed a passion for connecting them all together. When I’m not working on improving specific systems, I’m looking into how the systems can work together to create even more value. I also write on my blog https://www.autosysops.com about the solutions I find.