Program

Legend

- [K] : Keynote
- [S] : Short Presentation
- [L] : Long Presentation
- [XL] : Extra Long Presentation

Please note that the program is not yet complete. Minor changes (such as time changes) may still occur.

Tuesday May 5th 2026

9:15 | 9:30

Opening

9:15 | 10:00

[K]Backdoors in your smartphones? Why? How ? Not?

Aurelien Francillon (Eurecom) 🎙️

More info →

10:15 | 10:45

[L]Key Recovery from Side-Channel Power Analysis Attacks on Non-SIMD HQC Decryption

Nathan Maillet (EDF R&D, LAAS-CNRS) 🎙️, Cyrius Nugier (ENAC), Vincent Migliore (INSA Toulouse/LAAS-CNRS) and Jean-Christophe Deneuville (ENAC)

More info →

10:45 | 11:15

12:25 | 14:00

Lunch Break

14:00 | 14:30

[L]Vibe Coding at Scale: Systematic Discovery of Authorization Failures and Data Exposure in AI-Generated Web Apps

Nohé Hinniger-Forayi (Escape) 🎙️, Gabin Fouquet (Escape) 🎙️, Gabriel Marquet (Escape), Gwendal Mognie (Escape) and Alexandra Charikova (Escape)

More info →

14:30 | 14:50

[L]AI for Software Vulnerability Management: Use Cases and Challenges

Merve Sahin (SAP) 🎙️, Kendrick Gruenberg (SAP, TU Braunschweig) and Malte Wessels (TU Braunschweig)

More info →

14:50 | 15:20

[L]From inside with love: using uninitialized kernel memory to achieve cross container infoleak

Vatafu vladut (execc0de Team) 🎙️

More info →

15:20 | 15:40

[S]Attack Scenarios and Embedded Intrusion Detection for Space Systems

Louis Lolive (IRT Saint Exupery/LAAS-CNRS) 🎙️, Guillaume Auriol (INSA Toulouse/LAAS-CNRS) Vincent Nicomette (INSA Toulouse/LAAS-CNRS) Florent Galtier (LAAS-CNRS) Simone Urbano(Starion Group France) and Jacques Girard (Thales Alenia Space)

More info →

15:40 | 16:15

Coffee Break

16:15 | 16:35

[S]Integration of EBIOS-RM in a secure product development process

Rémi BONREPAUX (Viveris Technologies) 🎙️

More info →

16:35 | 17:00

coming Soon !

coming Soon !

More info →

17:00 | 17:30

Prechallenge Writeups and Results

17:30 | 18:15

Rump sessions

Wednesday May 6th 2026

9:15 | 10:00

[K]coming Soon !

coming Soon !

More info →

10:00 | 10:30

[L]Towards programming languages free of injection-based vulnerabilities by design

Pierre-François Gimenez (INRIA) 🎙️, Eric Alata (Intel)

More info →

10:30 | 11:00

[L]Ransomware vs. Info Stealers: A Comparative Analysis

Steph Shample (S2 Advising LLC, University of Maryland) 🎙️

More info →

11:00 | 11:30

Coffee Break

11:30 | 12:00

[L]Multi-domain Anomaly Detection in 5G Networks through Continuous Dynamic Graphs

Thomas Hoger (LAAS-CNRS) 🎙️, Philippe Owezarski (LAAS-CNRS) and Mariamdouni (Université de Carthage/LAAS-CNRS)

More info →

12:00 | 12:35

[XL]Chain of Thought F's Everybody

Axelle Apvrille (Fortinet) 🎙️, Damien Cauquil (Quarkslab) 🎙️

More info →

12:40 | 14:15

Lunch Break

14:15 | 14:45

[L]The Airbus Method: Transforming Vulnerability Noise into Actionable Intelligence

Jérémy RICHARD (NEVERHACK) 🎙️ , Paul VARGAS (FERCHAU) 🎙️, Bertrand LECONTE (Airbus) 🎙️, Eric CAUSSIN (Airbus)

More info →

14:45 | 15:15

[L]Master Boot Record Bootkit Analysis and Reverse Engineering

Diyar Saadi (Independant Security Researcher) 🎙️

More info →

15:15 | 15:35

[S]Exposing Visual Aimbots: In-Game Honeypots for Proactive Cheat Detection

Salman Shaikh (KAUST) 🎙️, Marc Dacier (KAUST) and Tao Ni (KAUST)

More info →

15:35 | 16:00

Coffee Break

16:00 | 16:30

[L]Identifying potential attack scenarios in complex systems by means of provenance graphs

Loic Robert (Airbus/LAAS-CNRS) 🎙️ , Vincent Nicomette (INSA Toulouse/LAAS-CNRS), Eric Lacombe (Airbus), Marie-José Huguet (INSA Toulouse/LAAS-CNRS) and Emmanuel Hebrard (LAAS-CNRS)

More info →

16:30 | 16:50

[S]Implementing cross-domain & cross-forest RBCD attacks

Simon Msika (SynAcktiv) 🎙️

More info →

16:50 | 17:10

[S]Ah, the good old days

Yann Bachy (Lyra) 🎙️

More info →

17:10 | 17h15

Program

Legend

Please note that the program is not yet complete. Minor changes (such as time changes) may still occur.

May the 4th be with you !

Tuesday May 5th 2026

Opening

[K]Backdoors in your smartphones? Why? How ? Not?

[L]Key Recovery from Side-Channel Power Analysis Attacks on Non-SIMD HQC Decryption

Coffee Break

[L]Experimental study of the security of WirelessHART

[S]CasinoLimit: An Offensive Dataset Labeled with MITRE ATT&CK Techniques

[S]Using hardware signals to detect malware in critical embedded systems

Lunch Break

[L]Vibe Coding at Scale: Systematic Discovery of Authorization Failures and Data Exposure in AI-Generated Web Apps

[L]AI for Software Vulnerability Management: Use Cases and Challenges

[L]From inside with love: using uninitialized kernel memory to achieve cross container infoleak

[S]Attack Scenarios and Embedded Intrusion Detection for Space Systems

Coffee Break

[S]Integration of EBIOS-RM in a secure product development process

coming Soon !

Prechallenge Writeups and Results

Rump sessions

Wednesday May 6th 2026

[K]coming Soon !

[L]Towards programming languages free of injection-based vulnerabilities by design

[L]Ransomware vs. Info Stealers: A Comparative Analysis

Coffee Break

[L]Multi-domain Anomaly Detection in 5G Networks through Continuous Dynamic Graphs

[XL]Chain of Thought F's Everybody

Lunch Break

[L]The Airbus Method: Transforming Vulnerability Noise into Actionable Intelligence

[L]Master Boot Record Bootkit Analysis and Reverse Engineering

[S]Exposing Visual Aimbots: In-Game Honeypots for Proactive Cheat Detection

Coffee Break

[L]Identifying potential attack scenarios in complex systems by means of provenance graphs

[S]Implementing cross-domain & cross-forest RBCD attacks

[S]Ah, the good old days

Closing session