RetroCTF 2026: Cybersecurity Conference and CTF Event

We are pleased to invite you to RetroCTF 2026, a cybersecurity-focused conference and Capture The Flag (CTF) event, organized in collaboration with the student interest group Hack Club FERI. The event will take place on May 23, 2026, at the Faculty of Electrical Engineering and Computer Science (UM FERI), University of Maribor, Slovenia, and will be held in English.
RetroCTF brings together researchers, industry professionals, and students to explore current challenges and emerging trends in cybersecurity. The program features a diverse set of expert talks covering topics such as cyber threat detection, artificial intelligence in security, secure software development, authentication technologies, cyber-physical systems, and digital forensics. In addition to the conference sessions, participants will have the opportunity to engage in a hands-on CTF competition designed to test practical cybersecurity skills.
The conference includes the following presentations:
– The Future of Cybersecurity Talent in Slovenia: Insights from the CyberHubs Project
An overview of the cybersecurity workforce landscape, key competencies in demand, and a forecasting model for future workforce needs based on data-driven and expert-informed analysis.
Presented by: Urša Mlekuš
– Cyber House: A Cyber-Physical Testbed for Smart Building Security
Introduction of a realistic smart-building testbed for experimenting with cyber-physical attacks and defenses, highlighting system architecture and practical security challenges.
Presented by: Jani Dugonik, Stanislav Moraus
– No Passwords, No Problem: Understanding FIDO2 and Passkeys
A practical introduction to passwordless authentication, focusing on FIDO2, passkeys, and hardware security keys such as YubiKeys.
Presented by: Martin Ferenec
– Operational Security, from Zero to Company Workflow
Lessons learned from building and improving organizational security infrastructure, processes, and culture.
Presented by: Martin Matvoz (CIO, RAIN Smart Living d.o.o.)
– Advanced Approaches to Detecting Complex Cyber Threats Using Machine Learning
A comparative analysis of machine learning models for detecting advanced cyber threats, emphasizing the effectiveness of ensemble methods.
Presented by: Maja Rotovnik
– Your AI Is Leaking Secrets: Hacking Microsoft Copilot with EchoLeak
A practical demonstration of prompt injection attacks and defenses in AI-powered systems, based on a real-world vulnerability case.
Presented by: Adnan Bratanović
– Exploit Arena: A Gamified Red vs. Blue Team Platform for Cyber Threat Simulation
Presentation of a research platform simulating adversarial interactions between attackers and defenders using machine learning and large language models.
Presented by: Jani Dugonik, Damijan Novak
– Securing Your Software Supply Chain
A walkthrough of implementing trust and transparency in CI/CD pipelines using tools such as Cosign, Kyverno, and Kubernetes.
Presented by: Matic Rupnik
– What Your iPhone Knows About You: An Introduction to iOS Forensics
An introduction to forensic analysis of iOS devices, including data sources, artifacts, and practical limitations.
Presented by: Martina Tivadar
– Automated Information Security Threat Modeling
Presentation of STRIDEX, an open-source tool for deterministic and automated threat modeling based on the STRIDE methodology.
Presented by: Nika Jeršič
Why Attend?
RetroCTF 2026 offers a unique combination of theoretical insights and practical experience. Attendees will gain exposure to cutting-edge research, real-world case studies, and hands-on challenges. The event is ideal for students, researchers, developers, and cybersecurity professionals interested in expanding their knowledge and engaging with the local and international cybersecurity community.
Agenda:
8:30 – 9:00 Registration
9:00 – 9:15 Opening Remarks and CTF Game Rules
9:15 – 18:00 Capture The Flag
9:15 – 10:30 Session #1: Securing Tomorrow’s Cyber Talent and Infrastructure
The Future of Cybersecurity Talent in Slovenia: Insights from the CyberHubs Project
Urša Mlekuš
Cyber House: A Cyber-Physical Testbed for Smart Building Security
Jani Dugonik, Stanislav Moraus
No Passwords, No Problem: Understanding FIDO2 and Passkeys
Martin Ferenec
10:30 – 10:45 Coffee Break
10:45 – 11:30 Session #2: Invited talk: RAIN Smart Living d.o.o.
Operational Security, from zero to company workflow
Martin Matvoz CIO, RAIN Smart Living d.o.o.
11:30 – 11:45 Coffee Break
11:45 – 13:00 Session #3: Attacking and Defending with AI
Advanced approaches to detecting complex cyber threats using machine learning
Maja Rotovnik
Your AI Is Leaking Secrets: Hacking Microsoft Copilot with EchoLeak
Adnan Bratanović
Exploit Arena: A Gamified Red vs. Blue Team Platform for Cyber Threat Simulation
Jani Dugonik, Damijan Novak
13:00 – 14:00 Lunch
14:00 – 15:15 Session #4: End‑to‑End Security: Code, Cloud and Device
Securing your Software Supply Chain
Matic Rupnik
What Your iPhone Knows About You: An Introduction to iOS Forensics
Martina Tivadar
Automated information security threat modeling
Nika Jeršič
15:15 – 18:00 Time to network and play CTF
18:00 Closing Remarks and Award Ceremony
Maribor, Slovenia, Slovenia