hack.lu 2026

Call for papers is now open for hack.lu 2026 (the 20th edition!)

2026-02-26T10:39:55+01:00

hack.lu 2026 Call for Papers

The purpose of the hack.lu convention is to provide an open and free playground where people can discuss the implications of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet and share all kinds of information freely. The convention will be held in the Grand-Duchy of Luxembourg in October (20-23.10.2026). The most significant new discoveries about computer network attacks and defenses, open-source security solutions, and pragmatic real-world security experiences will be presented in a four-day series of informative tutorials.

Hack.lu includes the Cyber and Threat Intelligence Summit gathering all the experts, analysts, users, and contributors to cyber and threat intelligence at large. A strong focus will be given to projects bridging intelligence communities together and also open-source related projects.

We invite you to submit papers, lightning talks, and workshop proposals for selection by the hack.lu technical review committee.

Topics of interest

Software Engineering and Security
Social Engineering
Honeypots/Honeynets
Spyware, Phishing and Botnets (Distributed attacks)
Newly discovered vulnerabilities in software and hardware
Electronic/Digital Privacy
Wireless Network and Security
Attacks on Information Systems and/or Digital Information Storage
Electronic Voting Security
Free Software and Security
Assessment of Computer, Electronic Devices and Information Systems
Standards for Information Security
Legal and Social Aspect of Information Security
Software Engineering and Security
Security in Information Retrieval
Network Security
Malware Analysis and Reversing
Forensics and Anti-Forensics
Offensive (and counter-offensive) Information Technology
Mobile Communications Security and Vulnerabilities
CSIRTs, Incident Analysis and Response
Information Security and Data Mining
Threats Exchange and Sharing
Open source tooling used in threat intelligence including new tools or development of existing tools
Threat intelligence processes
Successes and failures in creating threat intelligence processes
Use of open source tools (such as MISP) into SOC, CSIRT or any security organisation or intelligence community to support threat intelligence processes
Interoperability between threat intelligence tools (open source and proprietary)
Improving and evaluating quality of threat intelligence at large
Share lessons learnt in the intelligence domains including analysis processes, analytical methods and/or techniques
Lessons and challenges while performing intelligence analysis
Successes and failures in data modelling for intelligence
Share experiences in information and intelligence sharing including building communities, tooling, social interactions
Improving skills in intelligence domain such as threat analysis, collection and dissemination
Integrating OSINT, HUMINT, *INT into threat intelligence processes
AI at large (use and abuse of Artificial Intelligence in Information Security)

The above lists of topics are not exhaustive and other related topics are welcome.

Presentation Format

The format of the talks during hack.lu is composed of a 20-minute maximum presentation with a 10-minute Q&A session. The goal is to foster collaboration and live discussions. The sessions will be video recorded except if the presenter doesn’t accept. Complementary papers, articles, and presentations are highly encouraged for participants who are willing to have more insight about the presentation given.

General Information

Date and Location

The hack.lu conference will take place physically in Luxembourg (October 20 - 23, 2026) at the
Parc Hotel Alvisse, 120 Route d’Echternach, L-1453 Luxembourg
(Long : 49.6399337, Lat : 6.1517228)

Speakers’ Privileges of hack.lu (not applicable to Lightning talks or Call For Failure (CfF)):

For the selected talks/presentations/papers, authors will get a free access to the conference.
One speaker per talk/workshop
Accommodation will be provided (up to 4 nights during the conference). Hotel room must be reserved with a dedicated registration code. A credit card is needed as guarantee for the hotel. It won’t be charged for the covered nights (excluding additional services you might take).
Reimbursement of travel costs up to 300 EUR
Lunch, beverages, and more during the all days of the conference

Language

The language of the conference is English.

Publication and Rights

Authors keep the full rights on their publications/papers but give an unrestricted right to redistribute their papers for the hack.lu convention and its related electronic/paper publication.

You can enter proposals until 2026-05-31 11:59 PM (Luxembourg time).

Edit or view your proposals
Submit a proposal

Sponsoring

If you want to support the initiative and gain visibility by sponsoring, please contact us by writing an e-mail to info(AT)hack.lu

For more information about sponsoring options.

CfP Website Submission

CfP hack.lu 2026 submission website

Additiona CfP - Call For Failures - CfF 0x2

It’s a session during hack.lu 2026 where participants present 10-minute talks about their biggest failure in cybersecurity, and — crucially — what they learned (or didn’t learn) from it.
This track is reserved for participants and speakers of hack.lu. You need to have a specific code to be able to submit your proposal.
The theme is “Over Fail: The Untold Truth Behind the Magic of Cybersecurity”. The organizers want to counterbalance the usual success stories by giving space to real mistakes.
Examples of what might be shared include:
- Mistakes in red teaming or pentesting (bringing down a system inadvertently).
- Blunders in forensics or incident response (e.g. mis-handling evidence).
- Failures in threat intelligence, blockchain, AI, big data, etc.

Logistics & Context

CfF talks will be held one evening during the conference from around 19:00 to 21:00.
Only hack.lu participants whose proposals are accepted can present.
This is the third edition (the first being CfF 0x0 in 2019) at hack.lu.

Best Paper Award of hack.lu 2025

2025-10-26T09:15:00+01:00

🏆 Best Paper Award — hack.lu 2025

We are pleased to announce that the Best Paper Award of hack.lu 2025 has been granted to David Durvaux, Dario B., and Christophe Vandeplas for their outstanding contribution to the community with the open-source project “Sysdiagnose Analysis Framework.”

This year, the Program Committee chose to distinguish this work for several key reasons:

A rare open-source contribution in the iOS forensics field
Digital forensics on iPhone devices remains notoriously difficult, with most tools being proprietary and inaccessible to many practitioners. By delivering a fully open-source framework, the authors significantly lower the barrier for investigators, researchers, and incident responders in need of transparent and reproducible forensic tooling.
Direct impact on the security and DFIR community
The framework empowers security professionals to conduct in-depth iOS investigations with more autonomy, flexibility, and trust. Its practical relevance to real-world forensic workflows made it stand out among this year’s submissions.
A commitment to knowledge-sharing and community building
Beyond the talk, the authors delivered two hands-on workshops during hack.lu 2025, demonstrating not only their technical expertise but also their dedication to spreading knowledge and helping others adopt the tool. Their ongoing effort to build and nurture an open community around the project during hack.lu and after which is fully aligned with the spirit and values of hack.lu.

For these reasons, we are proud to highlight their work and celebrate their contribution to advancing open security, transparency, and collaboration.

Congratulations once again to David, Dario, and Christophe — and to the growing community around the Sysdiagnose Analysis Framework. We look forward to seeing how this important project evolves!

— The hack.lu 2025 Program Committee

Call for Failures @ hack.lu 2025 — Because We All Break Things

2025-10-17T06:15:00+02:00

💥 Call for Failures @ hack.lu 2025 — Because We All Break Things

At hack.lu, we love stories of brilliance — new tools, cutting-edge exploits, and clever defenses.
But let’s be honest: the best lessons often come from things that went spectacularly wrong.

That’s why we’re bringing back the Call for Failures (CFF) — a mini-conference inside hack.lu dedicated entirely to sharing the things that didn’t go as planned.

🗓️ When: Wednesday, 22 October 2025
🕖 Time: 19:00 – 21:00
📍 Where: At hack.lu, Luxembourg

What is the Call for Failures?

CFF is your chance to take the stage for 10 minutes and talk about a failure — yours or someone else’s — that taught you something meaningful in cybersecurity.
No buzzwords, no corporate slides, no blame games — just honest stories, good humor, and lessons learned.

Maybe you:

Deployed a “quick” fix that took down your entire network.
Spent months building a tool that no one used.
Misconfigured a system in a way that taught you more than any training ever could.
Tried to improve security… and made it worse.

If it broke, crashed, backfired, or blew up (figuratively, please), we want to hear about it.

Because every broken system, every bad idea, and every facepalm moment makes our community stronger.
At hack.lu, we believe in learning by doing — and sometimes by failing spectacularly.
Your story could help someone else avoid the same mistake, or maybe even inspire a better way forward.

Format

10-minute talk (short, raw, and real)
No slides required — but they’re welcome
Can be technical, organizational, or personal
Anonymous submissions are possible (we know how it is…)

Submit your story

Head to 👉 https://2025.hack.lu/cff/

Submissions are open — we’re looking for honest, funny, painful, and insightful talks from across the security spectrum or related.

Remember: failure isn’t the opposite of success — it’s the path that leads to it.
So come share yours. Let’s laugh, cringe, and learn together at hack.lu 2025.

First Student Ticket Sponsor: GCVE.eu

2025-10-06T10:15:00+02:00

GCVE.eu supports student participation at hack.lu 2025

hack.lu is proud to announce its first Student Ticket Sponsor for the 2025 edition: GCVE.eu. With their generous contribution, GCVE has made it possible to unlock a new batch of 10 student tickets for this year’s conference, helping students and young researchers attend one of Europe’s longest-running cybersecurity events at a significantly reduced rate.

For nearly two decades, hack.lu has been a place where professionals, researchers, and students come together to explore the many aspects of computer security, privacy, and digital culture. The Student Ticket Sponsor Program was created to preserve this open and inclusive spirit — enabling the next generation of cybersecurity experts to connect, learn, and contribute, regardless of financial barriers.

The reduced student ticket price of 375 EUR is made possible through a shared sponsorship model: each ticket is partially funded by hack.lu itself and further supported by sponsoring partners such as GCVE.eu.

“Supporting students in cybersecurity is an investment in the future resilience of our digital society. We are grateful to GCVE.eu for helping us keep hack.lu accessible to emerging talents,” said Sascha Rommelfangen, organizer of hack.lu.

The Global CVE (GCVE) allocation system is a new, decentralized approach to vulnerability identification and numbering, designed to improve flexibility, scalability, and autonomy for participating entities.

Additional Student Ticket Sponsorships are still available and can be purchased via the hack.lu information page: 👉 https://2025.hack.lu/info/

Final Reminder: 1 Day Left to Submit to hack.lu 2025 Call for Paper

2025-05-19T07:39:55+02:00

⏳ Final Reminder: 1 Day Left to Submit to hack.lu 2025 Call for Papers

The hack.lu 2025 Call for Papers closes in just 1 day! If you’ve been planning to submit a talk, workshop, or lightning talk — now’s the time to do it.

The event features some of the most significant new discoveries in computer network attacks and defenses, open-source security solutions, cyber threat intelligence and pragmatic real-world security experiences in a four-day series of talks and tutorials.

We’re inviting submissions for:

Talks
Workshops
Lightning talks registration will be open 1-month before the conference for registered participants

Presentation Format

General Information

Date and Location

The hack.lu conference will take place physically in Luxembourg (October 21 - 24, 2025) at the
Parc Hotel Alvisse, 120 Route d’Echternach, L-1453 Luxembourg
(Long : 49.6399337, Lat : 6.1517228)

Speakers’ Privileges

For the selected talks/presentations/papers, authors will get free access to the conference.
One speaker per talk/workshop.
Accommodation will be provided (up to 4 nights during the conference). Hotel room must be reserved with a dedicated registration code, and paid in advance as guarantee. The money will be reimbursed during check-out.
Lunch, beverages, and more during all days of the conference.
Reimbursement of travel costs up to 300 EUR.

Language

The language of the conference is English.

Publication and Rights

Authors keep the full rights on their publications/papers but give an unrestricted right to redistribute their papers for the hack.lu convention and its related electronic/paper publication.

You can enter proposals until 2025-05-20 11:59 (UTC).

Edit or view your proposals
Submit a proposal

Sponsoring

If you want to support the initiative and gain visibility by sponsoring, please contact us by writing an e-mail to info(AT)hack.lu

For more information about sponsoring options.

Conference registration

If you’d like to attend hack.lu, you can still register at a special rate for the 4-day conference until May 23, 2025.

CfP Website Submission

CfP hack.lu 2025 submission website

BSidesLuxembourg is back in 2025, June 19th in Belval

2025-05-14T12:00:00+02:00

BSidesLuxembourg is back in 2025!

Calling all hackers in and around Luxembourg! As many of you know, BSidesLuxembourg ran three times from 2017-2019 and then COVID hit to our collective dismay and abruptly many events, hack.lu included, stopped for a number of years.

Well, we’re now bringing BSidesLuxembourg back, and we’re planning to turn it into a 3-day event by next year. For this year, we’ve built a 1.5day event for you on June 18th (afternoon) and 19th – find the schedule here.

So what do we have? 18th is Offensive village + lockpicking village days!

The 19th we’re running 6 (SIX) parallel tracks, 3 with hands-on workshops and 3 with talks. In the purest BSides spirit, all of this comes with a ticket price of 20 euro (students 5) including Lunch (19th only), afternoon reception on the 19th, BSidesLux t-shirt, and of course access to all of the tracks and villages included! For this, we want to thank all our fantastic sponsors!

We’re ALSO still running the CFP for the OffensiveOps village here. We hope to see you there!

Hack the planet. The BSidesLuxembourg team.

bsides.lu

Call for papers is now open for hack.lu 2025

2024-12-03T10:39:55+01:00

hack.lu 2025 Call for Papers (including cti-summit)

The purpose of the hack.lu convention is to provide an open and free playground where people can discuss the implications of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet and share all kinds of information freely. The convention will be held in the Grand-Duchy of Luxembourg in October (21-24.10.2025). The most significant new discoveries about computer network attacks and defenses, open-source security solutions, and pragmatic real-world security experiences will be presented in a four-day series of informative tutorials.

We invite you to submit papers, lightning talks, and workshop proposals for selection by the hack.lu technical review committee.

Topics of Interest

Software Engineering and Security
Social Engineering
Honeypots/Honeynets
Spyware, Phishing, and Botnets (Distributed attacks)
Newly discovered vulnerabilities in software and hardware
Electronic/Digital Privacy
Wireless Network and Security
Attacks on Information Systems and/or Digital Information Storage
Electronic Voting
Free Software and Security
Assessment of Computer, Electronic Devices, and Information Systems
Standards for Information Security
Legal and Social Aspect of Information Security
Security in Information Retrieval
Network Security
Malware Analysis and Reversing
Forensics and Anti-Forensics
Offensive (and counter-offensive) Information Technology
Mobile Communications Security and Vulnerabilities
CSIRTs, Incident Analysis and Response
Information Security and Data Mining
Threats Exchange and Sharing

Open source tooling used in threat intelligence including new tools or development of existing tools
Threat intelligence processes
Successes and failures in creating threat intelligence processes
Use of open-source tools (such as MISP) into SOC, CSIRT, or any security organization or intelligence community to support threat intelligence processes
Interoperability between threat intelligence tools (open source and proprietary)
Improving and evaluating the quality of threat intelligence at large
Share lessons learned in the intelligence domains including analysis processes, analytical methods, and/or techniques
Lessons and challenges while performing intelligence analysis
Successes and failures in data modeling for intelligence
Share experiences in information and intelligence sharing including building communities, tooling, social interactions
Improving skills in intelligence domains such as threat analysis, collection, and dissemination
Integrating OSINT, HUMINT, *INT into threat intelligence processes

The above lists of topics are not exhaustive and other related topics are welcome.

Presentation Format

General Information

Date and Location

The hack.lu conference will take place physically in Luxembourg (October 21 - 24, 2025) at the
Parc Hotel Alvisse, 120 Route d’Echternach, L-1453 Luxembourg
(Long : 49.6399337, Lat : 6.1517228)

Speakers’ Privileges

For the selected talks/presentations/papers, authors will get free access to the conference.
One speaker per talk/workshop.
Accommodation will be provided (up to 4 nights during the conference). Hotel room must be reserved with a dedicated registration code, and paid in advance as guarantee. The money will be reimbursed during check-out.
Lunch, beverages, and more during all days of the conference.
Reimbursement of travel costs up to 300 EUR.

Language

The language of the conference is English.

Publication and Rights

Authors keep the full rights on their publications/papers but give an unrestricted right to redistribute their papers for the hack.lu convention and its related electronic/paper publication.

You can enter proposals until 2025-04-30 11:59 (UTC).

Edit or view your proposals
Submit a proposal

Sponsoring

If you want to support the initiative and gain visibility by sponsoring, please contact us by writing an e-mail to info(AT)hack.lu

For more information about sponsoring options.

CfP Website Submission

CfP hack.lu 2025 submission website

hack.lu 2024 Wraps Up a Thrilling 18th Edition with Global Participation and Networking Highlights

2024-11-04T05:39:55+01:00

Luxembourg, November 04, 2024 – hack.lu, Europe’s central hub for cybersecurity professionals, enthusiasts, and experts, celebrated its 18th successful edition from October 22-25 in Luxembourg, hosting a packed agenda of workshops, trainings, and talks. With over 500 participants from around the world and 75 expert speakers, this year’s conference once again proved to be an essential event in the cybersecurity calendar.

Over the course of four days, hack.lu attendees immersed themselves in topics at the forefront of security, intelligence, and privacy. They enjoyed a packed schedule balanced with ample opportunities to connect over coffee breaks, pastries, and thoughtfully prepared lunches. As a priority for hack.lu, exceptional catering played an essential role in keeping energy high and conversations flowing throughout the event. Attendees also actively participated by presenting 26 lightning talks, each allowing speakers to share their experiences in a concise 5-minute format.

Even before the conference, the renowned hack.lu CTF took place, with 608 teams participating in challenges organized and designed by FluxFingers, the CTF team from Ruhr University Bochum (Germany). During the conference, hack.lu 2024 challenges were organized by the FIRST SecLounge SIG volunteers, offering participants various levels of challenges to play.

The conference organizers hosted a speaker’s dinner on the first evening to recognize and celebrate the event’s contributors. On the second day, participants mingled at an independently organized social event, which included fun activities such as PowerPoint karaoke. The third evening featured an invitation to the Cybersecurity Gala, held in collaboration with Cybersecurity Week Luxembourg.

Sascha Rommelfangen, co-organizer of hack.lu, reflects: “We’ve received tremendous positive feedback for this year’s organization. It’s inspiring to see participants join us from across the globe, from Australia to China, Mauritius to the USA. hack.lu is all about fostering connections in a friendly and inclusive setting, and we’re already looking forward to making next year’s event even more memorable.”

The talks and videos given during the conference are now publicly available on the hack.lu website and as a YouTube channel.

With strong support from 15 sponsors, hack.lu 2024 provided a vibrant atmosphere for collaboration and learning. Sponsors and participants alike appreciated the open setting that encouraged interaction and knowledge exchange on the latest cybersecurity challenges and innovations.

Alexandre Dulaunoy, co-founder and main organizer of hack.lu, sums it up: “hack.lu has always been about creating a space where knowledge flows freely and innovation thrives. This year, we saw remarkable ideas emerge from discussions, workshops, and impromptu conversations over coffee or tea. The diversity of voices – from seasoned experts to emerging talents – made this edition incredibly dynamic. We’re honored to facilitate these connections that not only strengthen our community but also push the boundaries of cybersecurity collaboration on a global scale. We look forward to building and improving on this momentum for hack.lu 2025, continuing to shape a future where security and openness go hand in hand.”

As hack.lu 2024 concludes, the organizers are already setting their sights on hack.lu 2025, scheduled for October 21-24, 2025, promising another year of inspiration, innovation, and community for the global cybersecurity landscape. We would also like to extend our heartfelt thanks to all our sponsors, supporters, volunteers, and participants who helped make hack.lu a remarkable conference.

hack.lu 2026

Call for papers is now open for hack.lu 2026 (the 20th edition!)

hack.lu 2026 Call for Papers

Topics of interest

Presentation Format

General Information

Date and Location

Speakers’ Privileges of hack.lu (not applicable to Lightning talks or Call For Failure (CfF)):

Language

Publication and Rights

Sponsoring

CfP Website Submission

Additiona CfP - Call For Failures - CfF 0x2

Logistics & Context

Best Paper Award of hack.lu 2025

🏆 Best Paper Award — hack.lu 2025

Call for Failures @ hack.lu 2025 — Because We All Break Things

💥 Call for Failures @ hack.lu 2025 — Because We All Break Things

What is the Call for Failures?

Why share your failure?

Format

Submit your story

First Student Ticket Sponsor: GCVE.eu

GCVE.eu supports student participation at hack.lu 2025

Final Reminder: 1 Day Left to Submit to hack.lu 2025 Call for Paper

⏳ Final Reminder: 1 Day Left to Submit to hack.lu 2025 Call for Papers

Presentation Format

General Information

Date and Location

Speakers’ Privileges

Language

Publication and Rights

Sponsoring

Conference registration

CfP Website Submission

BSidesLuxembourg is back in 2025, June 19th in Belval

BSidesLuxembourg is back in 2025!

Call for papers is now open for hack.lu 2025

hack.lu 2025 Call for Papers (including cti-summit)

Topics of Interest

CTI Related Topics

Presentation Format

General Information

Date and Location

Speakers’ Privileges

Language

Publication and Rights

Sponsoring

CfP Website Submission

hack.lu 2024 Wraps Up a Thrilling 18th Edition with Global Participation and Networking Highlights