Blog | February 25, 2026

Black Hat Asia 2026 Briefings: Review Board Reveals Top 5 Must-See Research Presentations

The cybersecurity landscape continues to evolve faster than ever, and Black Hat Asia 2026 promises to deliver the most cutting-edge research and threat intelligence the industry has seen. Our Review Board has meticulously evaluated each individual submission to curate this year's Briefings program, and we're excited to share their top must-see selections delivering breakthrough insights.

Taking place April 21-24 at Marina Bay Sands in Singapore, Black Hat Asia 2026 will showcase groundbreaking research that addresses the most pressing cybersecurity challenges facing organizations across the Asia-Pacific region and beyond.

Image features one of the Speakers from Black Hat Asia 2025 presenting on stage.

The Review Board's Selection Process

The Black Hat Review Board comprises leading cybersecurity experts, researchers, and practitioners who bring decades of combined experience to the selection process. Researchers submit their talks via the Call for Papers, and then each submission undergoes rigorous evaluation based on technical merit, practical impact, novelty, and relevance to the current threat landscape.

Daniel Cuthbert, Black Hat Asia Review Board member & Global Head of Security Research, noted: "I'm excited about Black Hat Asia this year. The research quality is consistently strong, and what's particularly notable is how many submissions are coming from researchers based in the region. The global research community continues to grow, and this year's selections really demonstrate that strength."

Top 5 Review Board Selections

  1. Qualcomm BootROM: A Journey Through Sahara

    Researchers: Alexander Kozlov and Sergey Anufrienko

    Cuthbert shared: "The researchers dug into Emergency Download Mode and the Sahara protocol, showing how functional weaknesses at the BootROM layer can break cryptographic verification in the Secure Boot chain. When something is wrong that deep, you can't patch your way out. Physical access leading to full modem subsystem compromise isn't just a clever exploit–it's a reminder that we need to scrutinize hardware trust anchors as hard as we do userland code."

  2. We'll Eat Your Serial for Breakfast: Exploiting Serial-to-IP Converters in Critical Infrastructure

    Researchers: Stanislav Dashevskyi and Francesco La Spina

    Marina Krotofil, Black Hat Asia Review Board member and Security Consultant at mk|security, shared: "This talk will include an in-depth security analysis of serial converters widely used in OT environments. Hidden deep in the OT infrastructure, these devices are often seen as 'trusted' and hence frequently excluded from risk assessment. Additionally, this research supports the notion of 'deep lateral movement' first introduced at Black Hat Asia 2023 in the talk 'Nakatomi Space: Lateral Movement as L1 Post-exploitation in OT'."

  3. RebirthDay Attack: Reviving DNS Cache Poisoning with the Birthday Paradox

    Researchers: Xiang Li, Yuqi Qiu, Mingming Zhang, Zuyao Xu, Lu Sun, and Fasheng Miao

    Cuthbert added: "These researchers revisited DNS cache poisoning with their RebirthDay attack, finding weaknesses in ECS extension handling that effectively bring back the Birthday attack model. Most people assumed that was solved. It wasn't. The impact spans resolvers, router vendors, and public DNS services. They discovered fifty CVEs across multiple vendors with broad vendor engagement. This isn't theoretical work."

  4. TORCHLIGHT: Shedding LIGHT on Real-World Attacks on Cloudless IoT Devices Concealed within the Tor Network

    Researchers: Yumingzhi Pan, Zhen Ling, Yue Zhang, Hongze Wang, Guangchi Liu, and Junzhou Luo

    Krotofil highlighted: "This research provides a large-scale analysis of the real-world exploitation of IoT devices performed over the Tor network, uncovering 29 zero-day exploits among other fascinating observations about attackers' activities and capabilities."

  5. One Char to Rule Them All: Systematically Exploring and Exploiting DNS Silent Vulnerabilities in Domain Name Resolution

    Researchers: Fasheng Miao, Xiang Li, Changqing An, and Jilong Wang

    Ty Miller, Black Hat Asia Review Board member and Managing Director at Threat Intelligence Pty Ltd., noted: "These researchers uncovered DNS logic flaws that have gone unnoticed for decades. This is an attack with the kind of internet‑shaking potential we haven't seen in a long time. I'll 100% be watching this one."

Image features a packed audience during one of the Briefings from Black Hat Asia 2025.

Real-World Applications and Industry Impact

The Review Board's top selections represent more than just academic research, as they offer practical insights and actionable intelligence that security professionals can immediately apply to strengthen their organizations' defenses.

From hardware vulnerabilities to DNS attacks, these presentations will cover emerging threat vectors, innovative attack techniques, and corresponding defensive strategies that are reshaping the cybersecurity landscape.

Reflecting on what makes this year's program special, Cuthbert shared: "That's what I love about Black Hat Asia. Research that goes after trust boundaries at their root, whether in silicon or core internet infrastructure, and follows through with real-world impact. All the talks are off the scale. Bring on Singapore."

The strength of this year's program extends beyond these top selections. Fyodor Yarochkin, Black Hat Asia Review Board member and Senior Threat Researcher at Trend Micro Research, added: "This year we had a surprising amount of really good submissions covering offensive AI. So many that we couldn't accommodate all of them in the program. But the quality of the submissions this year is impressive."

Beyond the Top 5

While these five presentations have captured the Review Board's highest recommendations, the complete Briefings program features dozens of additional sessions covering:

  • AI, Machine Learning, & Data Science
  • Application Security
  • Cloud Security
  • Cyber-Physical Systems & IoT
  • Threat Hunting & Incident Response

Join the Conversation

Black Hat Asia 2026 brings together the global cybersecurity community's brightest minds, from seasoned researchers to emerging talent, all united in advancing the field's knowledge and capabilities. These presentations will spark discussions, forge new collaborations, and drive innovation that extends far beyond the conference walls.

Registration is now open for Black Hat Asia 2026. Don't miss your opportunity to witness these groundbreaking research presentations firsthand and engage with the experts shaping cybersecurity's future.

Learn more and register HERE.

View the Briefings schedule HERE.

Stay tuned for detailed abstracts and presenter profiles as we approach the conference. Follow us on X and LinkedIn for the latest updates and insights from Black Hat Asia 2026.

Top Sponsors and Partners of Black Hat Asia 2026 include:

  • Platinum Sponsors: Bitdefender, Broadcom, Concentric AI, SOCRadar Cyber Intelligence, ThreatLocker, and Tines.
  • Silver Sponsors: Corellium, EasyDMARC, Filigran, Fortra, ManageEngine, SecureFlag, Sparrow, Sumo Logic, TuxCare, and Varonis.
  • Sustaining Partners: Armis, Cisco, CrowdStrike, Cyera, Google, ManageEngine, Qualys, SentinelOne, Sophos, Tenable, TrendAI, Varonis, and Wiz.
  • Global Partners: Broadcom, Concentric AI, Corellium, EasyDMARC, HackerOne, Semgrep, ThreatLocker, VulnCheck, and wolfSSL.

Upcoming Events

Blog

Stay Connected

Sign up to receive information about upcoming Black Hat events including Briefings, Trainings, speakers, and important event updates.

Review Board

Training Review Board