HackSpire'26 · FIEM ACM Student Chapter
Security Policy
Last updated: June 26, 2026
Overview
The FIEM ACM Student Chapter takes the security of HackSpire'26 and its participants seriously. If you believe you have found a security vulnerability in any of our systems, we encourage you to notify us responsibly so we can investigate and address it promptly.
Scope
The following assets are in scope for security research:
- hackspire.tech (primary website)
- 2025.hackspire.tech (archived HackSpire'25)
- Any subdomains under hackspire.tech
The following are out of scope:
- Denial of Service (DoS / DDoS) attacks
- Social engineering or phishing of team members
- Physical security issues
- Vulnerabilities in third-party services (Vercel, ImageKit, etc.)
- Issues that require physical access to a device
How to Report
Please send all vulnerability reports to acmfiem@gmail.com with the subject line [Security] HackSpire Vulnerability Report.
Your report should include:
- A description of the vulnerability
- Steps to reproduce the issue
- The potential impact
- Any relevant screenshots or proof of concept (if safe to share)
Our Response
- We will acknowledge receipt of your report within 72 hours
- We will investigate and keep you informed of our progress
- We will notify you when the vulnerability has been resolved
- With your permission, we are happy to credit you in our acknowledgements
Safe Harbor
We consider good-faith security research to be a valuable contribution. If you conduct research in a responsible manner — avoiding privacy violations, data destruction, or disruption to our services — we will not pursue any legal action against you and will work with you to understand and resolve the issue.
Contact
For security issues, email acmfiem@gmail.com. For all other enquiries, reach us on Discord.