You have previously published a cybersecurity artifact in a peer-reviewed venue? Then submit it to #ACSAC2025's Cybersecurity Artifacts Competition! The deadline for submissions has just been extended to 17th October 2015. All infos on our website:

No award in 2025? Here is another chance: @chwress.bsky.social, @kumarde.bsky.social, and I are looking for (self) nominations for @USENIXSecurity '26 Artifact Evaluation Committee! Remember to fill the nomination form by Friday, Oct 17: forms.gle/sMCJHww2qcUK... And help us spread the word! 🚀

🚨 EURECOM is recruiting a PhD student (and master-level interns) on verification and testing at the hardware-software boundary 🌄 Amazing location between sea & mountain 💡 3-year position 🌍 International environment (no French required!) You're a curious and motivated student? Reach out!

If you’re on academia dot edu, let me suggest that you strongly consider deleting your account.

L'enfant aime les gâteaux. L'enfant aime le yaourt. L'enfant aime pas le gâteau au yaourt 🤷‍♀️

x86 suffers from what you would call “long tail syndrome”. 

A huge amount of legacy instructions used <0.01% of the time. 
 SHRINK is a cool paper proposing that we *emulate* the old stuff instead. 

AKA Instruction Recycling.

📣 To all #students who want to attend #ACSAC2025 in Hawaii 📣 It's time to hand in your conferenceship applications. The deadline on 26th September is approaching! Read all details on our website:

DIMVA 2026 is happening! Nominate yourself or your colleagues to join the Program Committee (PC). Review Cycles: mid Dec - Feb & late Feb - Apr. Submit PC nominations here: dimva.org/pc-nominations Be part of #DIMVA26’s success — Looking forward to seeing the nominations submitted. #PC

As last year, #ACSAC2025 will hold a Cybersecurity Artifacts Competition and Impact Award! Not only artifacts of #ACSAC papers, but instead ALL cybersecurity artifacts can be submitted! Deadline is 19th September. All details on our website:

Congratulations to USENIX Security 2025 AE: 🏆 Distinguished Artifact Awards 🏆 Distinguished Reviewer Awards ⭐ Noteworthy Reviewer Recognition 🥷 Ninja Reviewer Recognition secartifacts.github.io/usenixsec202... And thank you all for your help! CC @pvadrevu.bsky.social Tiago Heinrich

C'est le retour de Pépite ! Et cette fois c'est pour vous parler de la place des femmes dans le monde du numérique 💻 Pourtant majoritaires jusqu'au années 70, elles semblent avoir disparu du secteur jusqu'à représenter seulement 24 % des emplois. Petit retour historique sur ce phénomène ⬇️

Want to learn reverse engineering? There'll be a free, women*-only BlackHoodie workshop from October 6th to 9th in Paris! Topics: • Linux memory forensics 🕵️‍♀️ (by Sonia) • Web app and mobile app pentesting 🕸️📱 (by Paula) • iOS reversing 🍎 (by me)

This year OOPSLA initiated a new Reserve Reviewer Policy to help keep reviewer loads manageable. We've written up the design principles, implementation details, and observations. We look forward to feedback and to continued experimentation by other venues! blog.sigplan.org/2025/09/09/t...

J'ai fait un hiatus de deux ans sans enseignement post congé mat. Le collègue qui me renseigne sur la procédure me dit "Mais il y a bien sûr une autorisation de cumul" et... J'ai tellement pas envie de me re-battre avec les RH pour un document qui n'existe plus depuis des années.

The AI authorship issue is real. We've caught papers that looked OK but had references to works by the *journal editors* that *do not exist*. Like, don't send us papers citing papers we know we didn't write, right?

Ou alors. On pourrait aussi employer le même nombre d'admin et les chercheurs et chercheuses feraient de la recherche au lieu de faire des tâches administratives. Je pose l'idée là, vous en faites ce que vous voulez.

The best thing about having a toddler is seeing people spitting out hot takes like "ChatGPT and everyone who uses it are garbage" and instead of engaging, I just think "I'm too tired for this shit"

The fourth presentation was Ayoub et al.'s "BlueScream: Screaming Channels on Bluetooth Low Energy," exploring real-world firmware attacks via side-channel vulnerabilities in #BLE devices. (www.acsac.org/2024/p...#BLE 5/6 #SideChannelAttack #WirelessSecurity

ANNUAL REPORT Salty is back from vacation and well rested! ⛱️ So our mascot dove right into writing Pass the SALT annual report and is very happy to share it with you: 2025.pass-the-salt.org/annual-report/ 🥰 #pts25

2024 was a significant year for decompilation, constituting a possible resurgence in the field. Major talks, the thirty-year anniversary of research, movements in AI, and an all-time high for top publications in decompilation. Join me for a retrospective: mahaloz.re/dec-progr...

Ben où ils sont tous les gens qui disent qu’on travaille 6 mois par an, 12h par semaine, en étant payé comme des rois ? Vous voulez pas venir prendre les places ? www.mediapart.fr/journal/fran...

At this stage it looks like a parody of itself

Je suis photographe animalière, je vends mes photos pour vivre. Un partage, c’est plus qu’un simple clic : c’est me rendre visible. Merci ! 🙏

I'm thrilled to announce that after months of intensive work, the complete materials for my Applied Cryptography course at the American University of Beirut are now finished: both Part 1 (Provable Security) and Part 2 (Real-World Cryptography)!

Je vous la fais courte : Quand on vérifie les termes employés, les chiffres et les calculs, ce n'est pas 50% d'arrêts de travail injustifiés mais 0,024% 🙃

Twitter is now 75% bot activity. The dead internet theory aint a theory anymore.

DEFCON has banned Eric Michaud. You need to be an exceptionally toxic sleazebag to get banned from DEFCON. There are literally only 4 other names on the list: John Draper, Jake Appelbaum, Morgan Marquis-Boire, and Chris Hadnagy. defcon.org/html/links/d...

@blackhoodie.bsky.social will be back at @hexacon.bsky.social this year, and we're currently looking for former BlackHoodies who would be willing to give a training, between Oct 6 and 9! blackhoodie.re/Hexacon2025/

ICML found hidden prompts in accepted papers. They have released a statement icml.cc/Conferences/... Yes, it’s unacceptable. So is using an LLM to review a paper. Peer review is so broken.

Rappel : d'après 2 études de la DREES (Bercy) et de l'INSEE, augmenter la durée de carence ne fait pas diminuer le nombre d'arrêts maladie, ça ne fait qu'augmenter leur durée moyenne, ce qui coûte donc plus cher. Mais que peut la science face à l'idéologie de la droite ?

📢 The Journal of Systems Research (JSys) is looking for senior graduate students, postdocs, and early-career researchers to serve on its Artifact Evaluation Board (AEB). #OpenScience 🧑‍🔬 To learn more/nominate yourself for the AEB, visit forms.gle/PJzS81AhN2TA...

Replication Crisis xkcd.com/3117/

🚨 2nd conference on Undone Science in Computer Science : a conference in computer science to pause and reflect on the epistemological and ethical dimensions of the field, through the concept of undone science 🔗 #CFP : www.undonecs.org/2026/

Discounted early bird registration for WOOT '25 is still open until Monday - www.usenix.org/conference/w... - join us in Seattle on Aug 11/12 (right before USENIX Security) for talks and discussions on great cutting-edge offensive security research. Full program at www.usenix.org/conference/w...

F. Bayrou : "Nous sommes devenus accros à la dépense publique" Les faits : depuis 20 ans, le taux annuel de croissance des aides publiques aux entreprises est 3,3 fois plus rapide que celui des aides sociales et 3 fois que le PIB. Voilà ce qui aggrave les déficits #Budget2026

🚨After a year-long embargo, our S&P paper is finally out! 📄Paper: aka.ms/enter-exit-l... 🔒AMD Advisory: aka.ms/AAwztqx 📝Summary: We develop the first tool to test security boundaries for uarch leaks -with no prior knowledge of CPU internals. It discovered Transient Scheduler Attack (TSA)... [1/2]

The Call for Contributed Talks is now open for RWC 2026! And the deadline for submissions is now Oct. 10, 2025. rwc.iacr.org/2026/contrib...

Everything that goes into a colander is pasta to my daughter. She loves pasta so I'm not arguing.

20 things that women should stop wearing after the age of 30. 1-20: The weight of other people's expectations and judgments.

Well, well, well... 🤡

We found a new vulnerability in TLS. It's a variant of the ALPACA attack that bypasses current countermeasures. Relativly low impact - but great insight! Check it out: opossum-attack.com

Yes when I was on the board of @cornelluniversity.bsky.social the women profs told us exactly this..and even moreso for the minority profs: minority students flocked to them as role models to ask for mentoring and advice, taking time away from the Prof's own research #womeninscience #womeninstem

In a study of professors, women got 378 new work requests over 4 weeks vs 118 for men. Women spent more time on service, advising & teaching; men on research. Orgs should track who is taking extra duties & ensure they are rewarded and distributed fairly. www.forbes.com/sites/kimels...

🚨 Pass the SALT @passthesaltcon.bsky.social 2025 is over and thanks to the amazing job of the team, you can already browse all the talks: 📒 Slides: archives.pass-the-salt.org/Pass%20the%2... 📽️ Videos: passthesalt.ubicast.tv/channels/#2025 Thanks to all speakers and attendees, see you next year! ❤️

After all these reports of authors adding language instructions for LLM reviews in their papers I wanted to check this myself and I downloaded the .tex source from one of these papers. Here is an example. (I will not share the identity of the paper)

Europeans with credible expertise in cryptography and/or computer security should participate in this call by the 🇪🇺 Commission to explain to them, in terms that politicians can understand, why providing access to communications data to law enforcement … berthub.eu/articles/pos...

1/ @cloudflare.social just introduced a way for publishers and crawlers to negotiate payment for access to content, with specific application to AI crawlers. blog.cloudflare.com/introducing-...

If people think American scientists are somehow going to land in Europe, I've got news for you about the difference between millions and billions. www.nature.com/articles/d41...

[Please share with people outside of cybersec] Do you have a horror story when you had to deal with cybersecurity companies / people? This is your chance to vent! → forms.gle/9aX24HrfnEQm... I'm running an anonymous survey to listen to stories and look into the disconnect we sometimes have.

📣 Le Prix Irène Joliot‑Curie 2025 est ouvert aux candidatures jusqu’au 1er août ! Femmes scientifiques : mettez en lumière vos parcours et votre engagement. Une manière forte d’inspirer les générations futures. Candidatez dès maintenant 👩‍🔬👉 www.enseignementsup-recherche.gouv.fr/fr/PIJC-2025...