:: TALKS — version 0x01

• Remote Cold Execution (Tom Kern)
• Slithering Through the Noise: Deep Dive into the VIPERTUNNEL Python Backdoor (Evgen Blohm)
• AI vs. the APTs: Using LLMs to discover malware and undisclosed vulnerabilities (Mackenzie Jackson)
• Exploit is in the logic: Reversing an Android application to hack transactions on an NFC tag (Luigi Gubello)
• OpenChain: Improving Compliance and Security in the Software Supply Chain, Together (Vladimir Slavov)
• Securing the AI-Native Software Development Lifecycle (Jozsef Ottucsak)
• Cracking the Code: My Path to Becoming a Penetration Tester (Razvan Ionescu)
• Quiet Revolution of DNS Privacy – DNSCrypt vs The World (Nikola Garafolic)
• CVE-2025-59284: How reading a gnu manpage led to a Windows NetNTLM phishing exploit (Len Sadowski & Oğuz Bektaş)
• Hunting for logic bugs (Tonimir Kisasondi)
• Anonymous on a Budget: Building a $10 Attack Chain with Legitimate Services (Sergio Costa)
• Incident handling for small sec teams (Dino Memović)
• From Cracked PINs to Resilient Systems: Evolving Mobile Banking Security (Grega Prešeren)
• DynamoRIO and malware analysis (Vanja Svajcer)
• Don’t use a Web Application Firewall, and when you should, anyway. (Joshua Fox)
• Pentesting is Dead, Long Live the Pentest Operator ( Danijel Grah aka Enmach)
• Improving password cracking in morphologically rich languages (Vlatko Kosturjak)
• AI Security: Current State (Raz Tel-Vered)

:: WORKSHOPS —

• Workshop: MacOS Investigation Workshop (Evgen Blohm)
• Workshop: From Code to Cloud – Securing the Stack with Open-Source Tools (Mackenzie Jackson)
• Workshop: A phishing trip with Fancy Bear – Let’s analyze APT malware together! (Marius Genheimer)

Note(s):

• The rest of the talks and workshops will be published soon.
• If you are the presenter and you see in your talk/workshop description typos or you want to change something. Let us know, because we only did copy+paste of what you have submitted ¯\_(ツ)_/¯
• Like every year, you can expect the Lightning Talks section, so there is still a chance for participation for those who didn’t submit a paper and want to present something very light (<7min).