...and, for those who missed it, this was the playlist prepared by speakers, volunteers and staff, enjoy!

https://open.spotify.com/playlist/2GhYOHGcnKbeA0uENE1u0k

(feel free to port it to other platforms :) )

#bsides #bsidesluxembourg #bsidesluxembourg2026 #playlist #music

Huge thanks to this incredible team for bringing #bsidesluxembourg2026 to life!

#bsides #cybersecurity #community #conference #bsidesluxembourg #bsideslu

And a huge shoutout to @ministraitor and Ember for making all things technical work!!

Recordings will be published…. Imminently!

"None of this matters.You're all gonna get compromised anyway."

Security Impress Karaoke at #BSidesLuxembourg was tons of fun.

📅 Upcoming #infosec events in the next 14 days:

• THCon #Thcon — May 5-6, 2026, Toulouse 🇫🇷 #France
• PIVOTcon #Pivotcon — May 6-8, 2026, Malaga 🇪🇸 #Spain
• BSidesLuxembourg @BSidesLuxembourg — May 6-8, 2026, Belval 🇱🇺 #Luxembourg
• BsidesKerala #Bsideskerala — May 7-9, 2026, Kerala 🇮🇳 #India
• BSidesKent #Bsideskent — May 8, 2026, Canterbury 🇬🇧 #UK
Full list & calendar subscription → https://xsa.github.io/infosec-events/
#cybersecurity #conference

AI Supply Chain Alert: PyPIpackage `lightning` versions 2.6.2 and 2.6.3 were compromised on April 30, 2026.

Both versions contained a multi-stage credential-stealing worm targeting GitHub tokens, AWS, Azure, GCP credentials — and capable of self-propagating through npm packages and GitHub Actions workflows.

Notable: this incident may be one of the first documented real-world abuses of Claude Code hooks for malware persistence.

A MISP event is available for direct import at the bottom of the article.

https://www.cubessa.com/blog/lightning-pypi-supply-chain-incident/lightning-pypi-supply-chain-incident.html

⚡ Game On at BSides Luxembourg 2026!

𝗔𝗚𝗡𝗢𝗟𝗘𝗧𝗧𝗜 & 𝗧𝗥𝗨𝗠𝗣: 𝗚𝗔𝗠𝗜𝗡𝗚 𝗣𝗟𝗔𝗬𝗜𝗡𝗚 𝗧𝗢 𝗪𝗜𝗡 𝗔𝗧 𝗖𝗬𝗕𝗘𝗥 – @klausagnoletti Klaus Agnoletti, Ian Thornton-Trump

Step into a different kind of incident response training in this dynamic 40-minute talk that blends cybersecurity with role-playing strategy. Instead of static playbooks, this session shows how organizations can simulate real-world cyber scenarios using immersive, RPG-style exercises—turning preparation into an engaging and effective experience.

From detecting lurking threats to executing stealthy response actions, containing adversaries, and navigating high-pressure situations, this talk reimagines how teams can train for cyber incidents. Packed with humor and practical takeaways, it highlights how scenario-driven training can sharpen decision-making, improve coordination, and prepare teams to respond with confidence when it matters most.

Klaus Agnoletti @klausagnoletti is a seasoned infosec professional and co-founder of BSides København, known for his creative approach to security training and storytelling. Ian Thornton-Trump brings over 30 years of experience in cybersecurity, threat intelligence, and leadership roles, with a strong focus on building effective security operations and programs across industries.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #IncidentResponse #CyberTraining #ThreatIntelligence #BlueTeam #CyberSecurity