No CVE for That: Invisible Breach Paths from AI Leftovers

By Shubham Mittal on 01 Mar 2026 @ Nullcon
#ai-security #attack-surface #reconnaissance #vulnerability-research
Focus Areas: Governance, Risk & Compliance, AI & ML Security, Penetration Testing, Vulnerability Management

Abstract

AI adoption is no longer optional. It is deeply embedded across products, engineering pipelines, automation systems, and organizational decision infrastructure. This rapid expansion leaves behind a lot of risky residues. These are not traditional vulnerabilities, and quite often there is no CVE, no defined exploit path, and no signal from conventional security tooling. Instead, silent exposure paths accumulate gradually, remain unmeasured, and typically surface only after they are exploited.

In this talk, I present a structural analysis of these exposure zones and expand on the effective blast radius for each exposed component. I discuss real attack paths derived from AI-driven exposures that I identified and validated through a structured and practical methodology. I also showcase how attacks can expand step by step across interconnected systems, allowing reachability to grow gradually without triggering traditional vulnerability or detection models. The session concludes with a practical measurement framework focused on blast radius and propagation potential that can help organizations determine whether they are affected, understand how compromise can spread across interconnected AI and infrastructure layers, and prioritize remediation based on systemic impact rather than isolated findings.