NorthSec 2026 speaker lineup is here ...and it's our best yet!

31 talks & workshops. Two days in Montréal. Tickets going fast (get yours by April 1st to secure a badge and a t-shirts). 👇

𝗧𝗮𝗹𝗸𝘀:
• Guillaume Valadon & Gaetan — Private Key Leaks in the Wild: Insights from Certificate Transparency
• Philippe Pépos Petitclerc — A systematic approach to evading antivirus software
• Émilio Gonzalez — Increasing detection engineering maturity with detection as code
• François Labrèche — A Needle in a Haystack: Identifying an Infostealer Attack Through Trillions of Events in a Large-scale Modern SOC
• Wietze — Trust me, I'm a Shortcut - new LNK abuse methods
• Reza Sharifi — Internet Blackout 2026 in Iran — Next-Level Internet Censorship: A Technical Breakdown of Techniques and Tactics
• Andrew Buchanan, Max CM & Connor Laidlaw — Commit, Push, Compromise: Attacking Modern GitHub Orgs
• Dirk-jan Mollema & Sanne Maasakkers — Researchers vs. Threat Actors in Cloud Attacks
• Jeremy Miller — Measuring AI Ability to Complete Long Cybersecurity Tasks
• Manu Jose — The Merchant of Venice: Trading Latency for Security at Scale
• Joshua Prager & Ben Schroeder — Mapping Deception Solutions with BloodHound OpenGraph
• Christian Paquin — Doxxing-proof authentic digital media: trust the asset, protect the source
• Robbe Van Roey — Hacking Browsers: The Easy Way
• Ron Bowes — Adventures in Process Injection (How I Accidentally Built a Debugger - Again!)
• Xavier Facélina — Le futur s'invente avant-hier
• Charl-Alexandre Le Brun & Simon Lachkar — The OpenGraph diary: Attack path management applied to Ansible
• François Proulx — Living Off The Pipeline: Defensive Research, Weaponized
• Pierre-Nicolas Allard-Coutu — Stolen Laptops: Defeating DMA Countermeasures
• Philippe Marchand — Cybermenaces géopolitiques au Canada: État des lieux et perspectives stratégiques
• Kristine Barbara — From Experts to Everyone: Democratizing Threat Modeling at Ubisoft
• Chirag Savla — When Serverless Becomes a Foothold: Abusing Azure Function Apps in Modern Cloud Environments
• Brad Edwards — APTL: An Open Source Agentic Purple Team Lab
• Maxime Arquilliere & Coline C — Sold to the highest bidder: the escalation of ADINT from geolocation tracking to intrusion vector
• Sébastien Dudek — Hacking 5G: From Radio Security to the APIs

𝗪𝗼𝗿𝗸𝘀𝗵𝗼𝗽𝘀:
• Logan Maclaren & Lewis Moore — Command & Conquer: A hands-on C2 primer for aspiring Red & Blue teamers
• Santiago Abastante — AWS Security - The Purple Team Way
• Faan Rossouw — Agentic AI for Threat Hunting
• Ben Gardiner — Hardware RE: a gentle intro
• Tammy Harper — The Ransomware Negotiation Lab
• Mark El-Khoury — DIY Continuous Security: Practical Security Engineering
• Ashley Manraj & Philippe Dugré (zer0x64) — Breaking and Hardening the Cloud: Advanced Hooking and Shellcoding in a Hardened Environment

#NorthSec #cfp #infosec #cybersecurity

Just had a "software engineer specializing on full stack AI/ML development" show up in the ngscopeclient dev chat, give like two lines of what looked like human generated feedback on the CI/build setup, then descend into AI slop completely misunderstanding the infrastructure.

What is the world coming to...

I have a black belt in FAFO

📸 of Strange Æons (Teya)

Every AI company knows they're building the wrong thing.

And they can't stop.

Because the competitive structure specifically punishes anyone who slows down long enough to build the right thing.

The race is real. The destination is fake.

https://www.joanwestenberg.com/everyone-in-ai-is-building-the-wrong-thing-for-the-same-reason/

from my link log —

Matt Gray hacked car charging to work with his e-bike. (YouTube)

https://youtu.be/i6IyukCIia8

saved 2026-02-23 https://dotat.at/:/LX0C8.html

PSA: Did you know that it’s **unsafe** to put code diffs into your commit messages?

Like https://github.com/i3/i3/pull/6564 for example

Such diffs will be applied by patch(1) (also git-am(1)) as part of the code change!

This is how a sleep(1) made it into i3 4.25-2 in Debian unstable.

📣 Call for proposals for the 2026 edition.

We are looking for talks and workshops about security and open-source software.

Offensive or defensive security, low level, systems or CI management, tooling, we welcome any security subject as long as it related to a free software or provide an open-source tool!

👉 https://2026.pass-the-salt.org/

📩 A question, doubt? Our support team is listening to you: [email protected]

⏰ The deadline is March, 31 2026!

RE: https://mastodon.social/@FirewallDragons/116001542332834681

Carey does it again! What a fun time. Take a listen! 📻 🔐

And sign up for the hacklore.org newsletter! 🤓

And OMG that looks like my old TVI-920 monitor! 🤯