Black Hat will focus on artificial intelligence (AI) and supply chain vulnerabilities at Black Hat Asia 2026, set for April 21 to 24 at Marina Bay Sands Expo & Convention Centre in Singapore.
Organizers said the conference will present new research on how AI is being used in cyberattacks and how weaknesses in supply chains can expose companies to risk. The event will include briefings, trainings, and live tool demonstrations to help security teams respond to emerging threats.
“Black Hat Asia 2026 represents a pivotal moment for cybersecurity in the region,” said Suzy Pallett, president of Black Hat. “The research unveiled here will fundamentally reshape how we approach cybersecurity in an AI-driven world.”
The Briefings program, scheduled for April 23 and 24, will feature researchers discussing newly discovered vulnerabilities and defense methods.
One session, “Practical Attacks Against Smartphone Boot ROMs,” will show how a single Boot ROM vulnerability can affect entire smartphone ecosystems by bypassing secure boot protections and decrypting firmware across multiple platforms.
Another talk, “Breaking Hybrid Boundaries Across Azure and Windows,” will detail four zero-day vulnerabilities in Windows Admin Center that could allow attackers to compromise both on-premises and cloud environments, including cross-tenant systems.
A third presentation, “RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox,” will introduce a new technique that targets weaknesses in Domain Name System software, potentially affecting major DNS providers and large numbers of servers worldwide.
From April 21 to 24, hands-on Trainings will cover malware analysis, AI red teaming, and threat intelligence. Courses include reverse engineering modern malware, testing large language models (LLMs) and multimodal AI systems for weaknesses, and building AI-powered threat intelligence workflows using Retrieval-Augmented Generation and multi-agent systems.
The Arsenal program on April 23 and 24 will feature live demonstrations of open-source security tools. These include QuantumStrand for string analysis during malware triage, vet for detecting malicious software packages in development pipelines, and Prowler Open Cloud Security v6.0 for monitoring cloud security and compliance across frameworks such as CIS, NIST, GDPR, and HIPAA.
Organizers said the Asia-Pacific region (APAC) is expected to lead global cybersecurity spending in 2026, driven by rising threats and regulatory requirements. Registration details and the full agenda are available on the event website.