THE Speakers
Aditya Singh
Trojan Penguin in the Windows: Advanced Attack Vectors Through WSL2
Aditya Singh is a Senior Security Researcher at Siemens Healthineers focused on adversary evasion techniques and digital privacy; he leads Threat Intelligence, incident response investigations, and malware analysis. Currently also conducting research at the University of Newcastle, he investigates platform-level security gaps in modern operating systems. His research has been presented at multiple international security conferences including Nullcon Goa, HackRed-Con, MY Hack Malaysia, BSides Bloomington, BSides Sydney, BSides Connecticut, BSides Mumbai & Noida and VulnCon, Defcon Delhi. His work on "Unveiling Digital Identities: Mobile Device Fingerprinting" explores multi-layered user tracking mechanisms, while "Reinventing Access Control" proposes novel frameworks to prevent phishing-driven account takeover.
Tran Chi Thien
VulnHunterX: LLM-Powered automated vulnerability hunting
Tran Chi Thien (PhD) is a cybersecurity researcher specializing in static analysis and AI security. His research focuses on advanced software testing techniques, including fuzzing, automated code generation, data flow analysis, and applying large language models (LLMs) to security testing. Previously, Thien served at the Institute for System Programming of the Russian Academy of Sciences. His product, FUTAG (Fuzz target automated generator), is widely known in the Russian SDL community. He currently works as an offensive security leader at VinSOC and as a cybersecurity lecturer at several universities in Vietnam. His expertise in discovering, exploiting, and mitigating software vulnerabilities makes him a compelling speaker on emerging threats and advanced offensive and defensive techniques.
Bach Ngoc Hung &
Nguyen Anh Quynh
Browser Credentials Theft: Stealers' Journey from DPAPI to App-Bound Encryption
Bach Ngoc Hung is currently working as a Redteamer at VinSOC, focusing on malware analysis/development, OS internals, and offensive security research. Through his work at VinSOC, he contributes to building malware and exploitation payloads and to helping the organization understand its exposure to advanced threats.
Nguyen Anh Quynh is the author of Capstone, Unicorn, and Keystone frameworks.
Lei HUANG
From EDR Evasion to Detection Engineering: A Practical Red-Blue Methodology
Lei HUANG is a red teamer and offensive security enthusiast at Ansen, where he focuses on practical offensive security assessment and adversary simulation. He holds multiple advanced certifications, including OSCE3, OSCP, OSEP, OSWE, OSED, and OSWP, reflecting hands-on experience across exploitation, web security, endpoint tradecraft, and wireless assessment. His research focuses on endpoint evasion and adversary tradecraft, particularly within Windows environments, with close attention to how offensive techniques interact with modern defensive controls. He is especially interested in translating technical research into realistic operator methodology and actionable insights for defenders. Through his work, he aims to bridge the gap between public tooling, real-world intrusion tradecraft, and practical security testing in enterprise environments.
Lidor Ben Shitrit
Pre-auth RCE in Enterprise Java: When Middleware Becomes the Exploit
Lidor Ben Shitrit (@Thisis0xczar) is a Cloud Security Researcher and a Founding Team Vulnerability Researcher at Novee Security, focused on uncovering vulnerabilities across major cloud platforms, with a particular emphasis on Azure. Lidor is a Microsoft Most Valuable Researcher (MVR) for 2022 and 2023, recognized for his impactful contributions to cloud security research.
Yaoan Guan
Trojan hidden in the weight—A Chain of LLM Attacks
Yaoan Guan focuses on ML cybersecurity research and AI offense and defense. He ranked among the top 15% in the Attack Phase of Track 1 at the Alibaba Cloud-AI and Global Competition and achieved top 20% in the Tencent Cloud Hackathon Intelligent Penetration Testing Challenge. He was invited as a guest lecturer at the 2025 QI-ANXIN Butian Hacker Conference. He exploited IVI vulnerabilities at Pwn2own Automotive. His team won the "Excellent Red Team" title at the Shenzhen Autonomous Vehicle Cybersecurity Competition and has been granted numerous CVE vulnerability IDs. He is an active member of a hacking group, DEFCON DC86020.