AI supply chain attacks (TLP 2025w44) episode artwork

EPISODE · Nov 26, 2025 · 7 MIN

AI supply chain attacks (TLP 2025w44)

from Lead Prompt Podcast · host John Collins

In this episode, I discuss how all software is vulnerable to supply chain attacks, but I argue that AI is uniquely at risk. I explain that a traditional supply chain attack works by compromising the less-secure "links" in a trusted development process, such as third-party vendors or open-source components—rather than attacking a target directly. This allows malicious code to be delivered through legitimate updates, bypassing standard security defences. I cite the massive SolarWinds breach as a prime example, where attackers inserted a backdoor into a trusted software update, granting them remote access to thousands of secure networks. I then shift focus to AI platforms, identifying their training data as the "weakest link" in their supply chain. I describe "data poisoning," a technique where attackers inject malicious content into the public data sources that AI models scrape for training. This can corrupt a model's knowledge or implant hidden backdoors, namely specific triggers that cause the AI to execute harmful instructions or bypass safety filters. I highlight real-world examples, such as "jailbreak prompts" found on forums and the "Nightshade" tool used by artists to disrupt image generators, concluding that relying on internet data inherently leaves AI models exposed to a "poisoned well." Show notes are here: https://techleader.pro/a/714-AI-supply-chain-attacks-(TLP-2025w44) Keywords: AI supply chain attack, Data poisoning, AI security, Cybersecurity, Supply chain attack explained, AI vulnerability, Large Language Model security, LLM security, Model training data, Nightshade tool, AI data poisoning, Software supply chain, TechLeaderPro, podcast, Cyber attack, Information security, Tech news, AI risks, Generative AI security, AI model integrity, Model jailbreaking, SolarWinds attack, Software security, Cloud security, Open source security, AI data quality, Internet scraping, Third party risk, Digital security

In this episode, I discuss how all software is vulnerable to supply chain attacks, but I argue that AI is uniquely at risk. I explain that a traditional supply chain attack works by compromising the less-secure "links" in a trusted development process, such as third-party vendors or open-source components—rather than attacking a target directly. This allows malicious code to be delivered through legitimate updates, bypassing standard security defences. I cite the massive SolarWinds breach as a prime example, where attackers inserted a backdoor into a trusted software update, granting them remote access to thousands of secure networks. I then shift focus to AI platforms, identifying their training data as the "weakest link" in their supply chain. I describe "data poisoning," a technique where attackers inject malicious content into the public data sources that AI models scrape for training. This can corrupt a model's knowledge or implant hidden backdoors, namely specific triggers that cause the AI to execute harmful instructions or bypass safety filters. I highlight real-world examples, such as "jailbreak prompts" found on forums and the "Nightshade" tool used by artists to disrupt image generators, concluding that relying on internet data inherently leaves AI models exposed to a "poisoned well." Show notes are here: https://techleader.pro/a/714-AI-supply-chain-attacks-(TLP-2025w44) Keywords: AI supply chain attack, Data poisoning, AI security, Cybersecurity, Supply chain attack explained, AI vulnerability, Large Language Model security, LLM security, Model training data, Nightshade tool, AI data poisoning, Software supply chain, TechLeaderPro, podcast, Cyber attack, Information security, Tech news, AI risks, Generative AI security, AI model integrity, Model jailbreaking, SolarWinds attack, Software security, Cloud security, Open source security, AI data quality, Internet scraping, Third party risk, Digital security

NOW PLAYING

AI supply chain attacks (TLP 2025w44)

0:00 7:08

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

That Hoarder: Overcome Compulsive Hoarding That Hoarder Hoarding disorder is stigmatised and people who hoard feel vast amounts of shame. This podcast began life as an audio diary, an anonymous outlet for somebody with this weird condition. That Hoarder speaks about her experiences living with compulsive hoarding, she interviews therapists, academics, researchers, children of hoarders, professional organisers and influencers, and she shares insight and tips for others with the problem. Listened to by people who hoard as well as those who love them and those who work with them, Overcome Compulsive Hoarding with That Hoarder aims to shatter the stigma, share the truth and speak openly and honestly to improve lives. The Small Business Startup School – Business Notes | Financial Literacy | Retail Psychology – For Professionals & Entrepreneurs The Small Business Startup School Inc. Starting or buying a small business? While personal circumstances may vary, business patterns remain timeless. On The Small Business Startup School, we explore strategies, insights, and practical solutions to help entrepreneurs confidently navigate their journey.Hosted by Ola Williams—a retail entrepreneur, fintech founder, and financial coach with over two decades of experience—this podcast marries financial awareness and retail psychology with optimism to deliver actionable takeaways.Join us to learn, grow, and connect as we uncover the keys to business success.Let’s continue to learn together and be encouraged to keep on connecting! DIOSA. Carolina Sanper This podcast is a sacred space created by Carolina Sanper where you connect with your inner wisdom and embody your magnetic feminine power.It is the realization that the mystical realm is where you plant the seeds of your desired reality.It is a portal to your true essence: awareness, presence, and receiving with ease. Welcome home, DIOSA. 🖤 XXX Tech by SOVRYN Dr. Brian Sovryn The crossroads between technology, sensuality, and metaphysics - and the longest running anarchist podcast in the world! Brought to you by Dr. Brian Sovryn.

Frequently Asked Questions

How long is this episode of Lead Prompt Podcast?

This episode is 7 minutes long.

When was this Lead Prompt Podcast episode published?

This episode was published on November 26, 2025.

What is this episode about?

In this episode, I discuss how all software is vulnerable to supply chain attacks, but I argue that AI is uniquely at risk. I explain that a traditional supply chain attack works by compromising the less-secure "links" in a trusted development...

Can I download this Lead Prompt Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!