4-5 JunePosthuset 7A

Midnight Sun CTF Conference

MidnightSun houses Sweden’s biggest CTF event involving teams from all over the world. It has grown to include an offensive and policy focused conference by hackers, for hackers in Stockholm, Sweden.

This year, the conference theme is "Cyber Conflicts: The Tools and Techniques of Tomorrow". At Midnight Sun, talks revolve around offensive security, including advanced exploitation methods, reverse engineering, vulnerability detection and cyber strategy.

Earlybird discount until 31 March! Use promo code Earlybird when choosing ticket.

Sample speakers 2026

Carl Heath
Senior Researcher in digital resilience at RISE: Center for Security Design and Innovation

Carl Heath is a senior researcher at the Center for Security Design and Innovation (CSDI) at RISE – Research Institutes of Sweden, as well as a researcher at the University of Gothenburg. He works in applied research relating to society's digital transformation, particularly concerning issues related to democracy, digital resilience, AI and innovation management. Carl has served as a Special Counsel for the protection of democratic dialogue for the Swedish government, examining democracy in the digital age, as it relates to disinformation, propaganda and hate speech. 

He currently assists the Swedish Psychological Defense Agency as well as other agencies in applied research and innovation in the context of digital transformation, total defense and hybrid warfare. Carl Heath is also a board member of the Swedish eHealth Agency and a member of the Media Subsidies Council, a part of the Swedish Media Authority. He won the Swedish eGovernment Awards in 2020 and is an international keynote speaker.

Read more

The Good, The Bad and The Ugly of technology in turbulent  times

Palmsalen

In an age where digital technology and artificial intelligence play an ever-expanding role in shaping our lives, the risks associated with their misuse in cyber- and hybrid warfare, and foreign influence operations and malign information campaigns are becoming increasingly significant. This lecture aims to deepen the understanding of how technology plays a role in these domains in our geopolitically turbulent times.The session will provide insights into the mechanisms by which technology is employed in cognitive warfare to create and amplify hybrid- cyber and malign information. It will explore both the opportunities AI presents for defending democratic values and the ethical challenges it poses. Participants will gain an understanding of how societies can build resilience against cognitive warfare while safeguarding core principles such as freedom of expression and democracy.

Read more

Faith
Chronomaly: Tick, Tock, Root

Faith is a Lead Blockchain Security Researcher at Zellic. He previously worked as a vulnerability researcher at Dataflow Security, and has continued doing vulnerability research

in his free time. Most recently, he found a vulnerability in the Linux kernel's RxRPC subsystem, which he used as an entry for ZeroDay.Cloud as part of Team CCC.

---------------------------------------------------------------------------------------------------------

What happens when the kernel's own timekeeping mechanisms can be turned against it? Such was the case for CVE-2025-38352 – a vulnerability in the Linux / Android kernel's POSIX CPU timers implementation that was exploited in the wild. In this talk, I'll walk through the vulnerability and dissect Chronomaly, the exploit I built for it.

Read more

Johan Carlsson
Bug bounty hunter

What happens if you let a security novice hack your company for five years?

 Life took an unexpected turn when I left an art career to study computer science, eventually pivoting to cybersecurity and making bug bounty my full-time livelihood. Bug bounties allow anyone to use big corporations as a playground for real-world security learning. I will walk through some of my favorite findings from my years hacking GitLab, demonstrating how curiosity and persistence can allow anyone to join the field of cybersecurity. 

Bio: Johan Carlsson is a self-employed, full-time bug bounty hunter based in Gothenburg, Sweden. Currently ranked number one on GitLab’s bug bounty program on HackerOne, he has found and reported vulnerabilities to a host of major companies, including Zoom, Google, Apple, and GitHub. Johan holds a Bachelor’s degree in Computer Science from KTH in Stockholm, as well as a Bachelor’s degree in Fine Arts from KHiO in Oslo, Norway.

Read more

All you need to know


© MapTiler © OpenStreetMap contributors

Organized by