hack.lu 2026 Call for Papers

The purpose of the hack.lu convention is to provide an open and free playground where people can discuss the implications of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet and share all kinds of information freely. The convention will be held in the Grand-Duchy of Luxembourg in October (20-23.10.2026). The most significant new discoveries about computer network attacks and defenses, open-source security solutions, and pragmatic real-world security experiences will be presented in a four-day series of informative tutorials.

Hack.lu includes the Cyber and Threat Intelligence Summit gathering all the experts, analysts, users, and contributors to cyber and threat intelligence at large. A strong focus will be given to projects bridging intelligence communities together and also open-source related projects.

We invite you to submit papers, lightning talks, and workshop proposals for selection by the hack.lu technical review committee.

Topics of interest

• Software Engineering and Security
• Social Engineering
• Honeypots/Honeynets
• Spyware, Phishing and Botnets (Distributed attacks)
• Newly discovered vulnerabilities in software and hardware
• Electronic/Digital Privacy
• Wireless Network and Security
• Attacks on Information Systems and/or Digital Information Storage
• Electronic Voting Security
• Free Software and Security
• Assessment of Computer, Electronic Devices and Information Systems
• Standards for Information Security
• Legal and Social Aspect of Information Security
• Software Engineering and Security
• Security in Information Retrieval
• Network Security
• Malware Analysis and Reversing
• Forensics and Anti-Forensics
• Offensive (and counter-offensive) Information Technology
• Mobile Communications Security and Vulnerabilities
• CSIRTs, Incident Analysis and Response
• Information Security and Data Mining
• Threats Exchange and Sharing
• Open source tooling used in threat intelligence including new tools or development of existing tools
• Threat intelligence processes
• Successes and failures in creating threat intelligence processes
• Use of open source tools (such as MISP) into SOC, CSIRT or any security organisation or intelligence community to support threat intelligence processes
• Interoperability between threat intelligence tools (open source and proprietary)
• Improving and evaluating quality of threat intelligence at large
• Share lessons learnt in the intelligence domains including analysis processes, analytical methods and/or techniques
• Lessons and challenges while performing intelligence analysis
• Successes and failures in data modelling for intelligence
• Share experiences in information and intelligence sharing including building communities, tooling, social interactions
• Improving skills in intelligence domain such as threat analysis, collection and dissemination
• Integrating OSINT, HUMINT, *INT into threat intelligence processes
• AI at large (use and abuse of Artificial Intelligence in Information Security)

The above lists of topics are not exhaustive and other related topics are welcome.

Presentation Format

The format of the talks during hack.lu is composed of a 20-minute maximum presentation with a 10-minute Q&A session. The goal is to foster collaboration and live discussions. The sessions will be video recorded except if the presenter doesn’t accept. Complementary papers, articles, and presentations are highly encouraged for participants who are willing to have more insight about the presentation given.

General Information

Date and Location

The hack.lu conference will take place physically in Luxembourg (October 20 - 2333, 2026) at the
Parc Hotel Alvisse, 120 Route d’Echternach, L-1453 Luxembourg
(Long : 49.6399337, Lat : 6.1517228)

Speakers’ Privileges of hack.lu (not applicable to Lightning talks or Call For Failure (CfF)):

• For the selected talks/presentations/papers, authors will get a free access to the conference.
• One speaker per talk/workshop
• Accommodation will be provided (up to 4 nights during the conference). Hotel room must be reserved with a dedicated registration code. A credit card is needed as guarantee for the hotel. It won’t be charged for the covered nights (excluding additional services you might take).
• Reimbursement of travel costs up to 300 EUR
• Lunch, beverages, and more during the all days of the conference

Language

The language of the conference is English.

Publication and Rights

Authors keep the full rights on their publications/papers but give an unrestricted right to redistribute their papers for the hack.lu convention and its related electronic/paper publication.

You can enter proposals until 2026-05-31 11:59 PM (Luxembourg time).

Edit or view your proposals
Submit a proposal

Sponsoring

If you want to support the initiative and gain visibility by sponsoring, please contact us by writing an e-mail to info(AT)hack.lu

For more information about sponsoring options.

CfP Website Submission

CfP hack.lu 2026 submission website

Additiona CfP - Call For Failures - CfF 0x2

• It’s a session during hack.lu 2026 where participants present 10-minute talks about their biggest failure in cybersecurity, and — crucially — what they learned (or didn’t learn) from it.
• This track is reserved for participants and speakers of hack.lu. You need to have a specific code to be able to submit your proposal.
• The theme is “Over Fail: The Untold Truth Behind the Magic of Cybersecurity”. The organizers want to counterbalance the usual success stories by giving space to real mistakes.
• Examples of what might be shared include:
  • Mistakes in red teaming or pentesting (bringing down a system inadvertently).
  • Blunders in forensics or incident response (e.g. mis-handling evidence).
  • Failures in threat intelligence, blockchain, AI, big data, etc.

Logistics & Context

• CfF talks will be held one evening during the conference from around 19:00 to 21:00.
• Only hack.lu participants whose proposals are accepted can present.
• This is the third edition (the first being CfF 0x0 in 2019) at hack.lu.

• 2026 1
• 2025 5
• 2024 2