Another talk announcement for BSides Luxembourg!

πŸ€–πŸ” 𝗕π—₯π—˜π—”π—žπ—œπ—‘π—š π—§π—›π—˜ 𝗖𝗒𝗑𝗧π—₯π—’π—Ÿ π—£π—Ÿπ—”π—‘π—˜: π—˜π—«π—£π—Ÿπ—’π—œπ—§π—œπ—‘π—š 𝗠𝗖𝗣 π—¦π—˜π—₯π—©π—˜π—₯𝗦 π—œπ—‘ π—”π—œ π—ͺ𝗒π—₯π—žπ—™π—Ÿπ—’π—ͺ𝗦 – Yotam Perkal βš™οΈπŸ”₯

AI agents need integrationsβ€”and MCP servers are becoming the backbone of that connectivity. But what happens when these β€œdeveloper tools” are exposed, overprivileged, and unprotected?

This talk dives into the hidden risks of MCP servers, showing how attackers can exploit them for SSRF, filesystem access, and even full remote code execution. As AI workflows grow, so does the attack surfaceβ€”and the control plane is now a prime target.

Yotam Perkal leads security research at Pluto Security, focusing on securing AI-native environments and agent-based systems. With past roles at Zscaler, Rezilion, and PayPal, he brings deep expertise in vulnerability research, threat intelligence, and AI security.

πŸ“… Conference Dates: 6–8 May 2026 | 09:00–18:00
πŸ“ 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
πŸ“… Schedule Link: https://pretalx.com/bsidesluxembourg-2026/schedule/
πŸ‘‰ Browse sessions, track talks in real time, and plan your schedule on Hacker Tracker: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #MCP #CyberSecurity #AppSec #AIWorkflows #ThreatResearch