Brussels / 31 January & 1 February 2026

The Open-Weight Dilemma: Mitigating AI Cyber Risks Without Killing Open Source
Open-weight LLMs (like LLaMA, Mistral, and DeepSeek-R1) have triggered a "Cambrian explosion" of innovation, but they have also democratized offensive cyber capabilities. Recent evaluations, such as MITRE’s OCCULT framework, show that publicly available models can now achieve >90% success rates on offensive cyber knowledge tests, enabling targeted phishing, malware polymorphism, and vulnerability discovery at scale.

For the Open Source community, this presents an existential crisis. Traditional security models (API gating, monitoring, rate limiting) rely on centralized control, which vanishes the moment weights are published. Furthermore, emerging regulations like the EU AI Act risk imposing impossible compliance burdens, such as post-market monitoring obligations, on open model developers for downstream misuse they cannot control.

In this talk, Alfonso De Gregorio (Pwnshow) will deconstruct the "Mitigation Gap"—the technical reality that once a model is downloaded, safety filters can be trivially fine-tuned away. Drawing on his direct consultation work with the European Commission, he will explain how we can navigate this minefield. We will discuss:

1/ The Threat Reality: A look at tools like Xanthorox AI and DeepSeek-R1 to understand the actual offensive capabilities of current open weights, and the state of the art in offensive AI.

2/ The Policy Trap: Why "strict" interpretations of the EU AI Act could stifle open innovation, and the fight to shift liability to the modifier and deployer rather than the open-source developer.

3/ The Way Forward: Technical solutions for "Responsible Release" (Model Cards, capability evaluations) and the necessity of AI-enabled defenses to counterbalance the lowered barrier to entry for offensive operations.

This session is for security practitioners and open-source advocates who want to ensure the future of AI remains open, while pragmatically addressing the security chaos it unleashes.

Speakers

Alfonso De Gregorio