overused

BSides Belgrade CTF is LIVE. March 28 | 10:00 CET Form your team (up to 4) or go solo and test your skills on real-world challenges. Prizes for top teams (on-site only). Join Discord: discord.gg/bsidesbelgrade See you on the battlefield.

spektakl analiza @ShareConference hakovane baze podataka iz telekoma: 300k+ građana incl. biznisi, incl. mup, vojska... sharefoundation.info/tvoji-podaci-n…

Hakovanje Telekoma i bezbednost podataka: Resornoj inspekciji nedostaje trećina ljudi, automobil dele sa još dve inspekcije forbes.n1info.rs/biznis/propisi…

Sajt APR-a se raspada. Ne mogu da podnesem finansijski izveštaj. Od sinoć pokazuje ovo na slici, a od jutros ni prijava na sistem ne funkcioniše.

Today i learned, someone have created a SFP+ module to bypass AT&T Routers. the module have a open config, that allows you to copy paste the info from the AT&T config and bypass having to use the ISP routers the module is 100$ and then you need a router with sfp+

🤩 CTI Workshop @ BSides Belgrade Turn threat intelligence into real defense. Learn to analyze threats, map TTPs with MITRE ATT&CK, and build actionable detections for SIEM, EDR & more — hands-on with OpenCTI. 👩‍💻 Led by Anna Mikhaylova See you soon 🔥

@DailyDarkWeb @sicert

Slovenia 🇸🇮 - Energetika Ljubljana allegedly suffered a breach exposing 2 TB of national energy infrastructure documents, including technical drawings and engineering certificates for the TE-TOL project. dailydarkweb.net/energetika-lju…

🚨 𝗦𝗩𝗚 𝗦𝗺𝘂𝗴𝗴𝗹𝗶𝗻𝗴 𝗖𝗮𝗺𝗽𝗮𝗶𝗴𝗻 𝗛𝗶𝘁𝘀 𝗖𝗼𝗹𝗼𝗺𝗯𝗶𝗮𝗻 𝗢𝗿𝗴𝗮𝗻𝗶𝘇𝗮𝘁𝗶𝗼𝗻𝘀 We’re seeing a surge in a #phishing campaign targeting government, finance, oil and gas, and healthcare sectors in Colombia ⚠️ Attackers distribute Spanish-language emails with an attached SVG file. The file is not a static image but an active SVG containing embedded JavaScript that uses SVG smuggling to reconstruct the next stage locally via a blob URL, without fetching a payload from external resources. The browser then generates an intermediate HTML lure that mimics document preparation, and from embedded data creates a password-protected ZIP archive for the user to open. ❗️ This kind of attack can blur early-stage visibility for SOC teams. SVG smuggling, blob objects, and legitimate Windows components break the compromise into weak signals, making detection and investigation harder in the early stages. ⚡ #ANYRUN Sandbox allows analysts to quickly reconstruct 𝘁𝗵𝗲 𝗳𝘂𝗹𝗹 𝗲𝘅𝗲𝗰𝘂𝘁𝗶𝗼𝗻 𝗰𝗵𝗮𝗶𝗻: SVG smuggling ➡️ Blob-based HTML lure ➡️ Password-protected ZIP ➡️ Notificacion Fiscal.js (launcher / execution handoff) ➡️ radicado.hta (dropper) ➡️ J0Ogv7Hf.ps1 (script-based RAT / Vjw0rm-like implant) ➡️ C2 communication ✅ This helps security teams connect scattered artifacts faster, expose hidden delivery stages, and confirm malicious activity before the attack moves further. 👨‍💻 Learn how #ANYRUN helps detect complex threats faster: any.run/features/?utm_…

@ivanhoe011 Nije ai, meni se to desilo pre ai ere, a i (ai) inace ga retko koristim.

Ne znam sta se sa mojim mozgom desava, jel od previse neta ili sam naprosto izlapeo i izgubio koncentraciju sa godinama, ali primecujem da sve vise pravim gramatickih i stilskih gresaka kad kucam (o typos da ne pricamo). Zarezi su mi postali potpuno random pojava...

Dear web dev, Don't put Stripe API keys into the database. One SQL injection and a script kiddie drains your bank account via direct debit

Sredinom 80ih sam kodirao igre za #ZXSpectrum. Dve su zvanično izdate na audio kasetama, izdavača Suzy (ZG, CRO), negde 1987-1988. Napokon sam napravio mini web o tome: majstors.com

@HeyoAleks Koi vosak si uzeo?

Kupio sam tečni vosak u spreju da izglancam Fiestu posle pranja jbt auto mi ima bolju kozmetiku od mene samog

🚨 CYBERINTEL ALERT: Final and Massive Leak of the Serbian Business Registry (2026) 🇷🇸💼 Our platform has identified that, following a 24-hour ultimatum, the threat actor Zeus_kos has proceeded with the release of a massive data package from Serbia's Business Registers Agency (APR). Victim: APR Serbia (Business Registers Agency) 🏛️. Threat Actor: Zeus_kos 🎭. Final Volume: 2.15 GB of critical data. Date: March 21, 2026 🗓️. Exfiltrated Highly Sensitive Content: Unlike the initial sample, this package contains scanned files and complete legal documents: 🔹 Biometric Documentation: Scans of IDs, passports, and JMBG numbers (Unique Identification Numbers). 🔹 Financial: Bank statements, credit ratings, and ultimate beneficial owner declarations. 🔹 Legal: Notarized contracts and qualified electronic signatures. 🔹 Location: Data on real estate owners and law firms based in Belgrade. Monitor: analyzer.vecert.io #CyberSecurity #Serbia #APR #DataBreach #ZeusKos #InfoSec #CyberAlert #BusinessRegistry #Belgrade

@Miss_Cybernaut RATEL propisuje regulative za telko operatere.

@bashgrylls Po nekoj logici (koja je u Srbiji odavno u iščezavanju) Ministarstvo bi trebalo da sprovede nspekcijski nadzor. Oni treba da provere da li Telekom, kao strateški važan sistem, uopšte poštuje bezbednosne protokole koje država nalaže. Ali to se neće desiti. Izveštaji će biti OK ✅

Podaci stotine hiljada korisnika završili na internetu. Nadležni CERT se ućebao.

🚨 Zlonamerni akter koji je kompromitovao Telekom sada tvrdi da je kompromitovao APR! Tvrdi da poseduje bazu sa skeniranim ličnim dokumentima, finansijskim izveštajima, evidencije vlasništva... Podelio je i uzorak dokumenata sa CEOP-a Više detalja na bezbedanbalkan.net/thread-2349.ht…

New ZAP Blog Post: Introducing DeepViolet: The Engine Behind ZAP’s New TLS Analysis zaproxy.org/blog/2026-03-1… Thanks to @javamuffinztx

🔥 54 EDR killers now use BYOVD, abusing 34 signed drivers to reach kernel access. Ransomware operators deploy them first to disable defenses, not evade detection inside the encryptor. Evasion has moved out—into dedicated tools built to break EDR reliably. 🔗 Tools, tactics, and defensive gaps explained → thehackernews.com/2026/03/54-edr…

🚨 NEW VIDEO DROP FROM PANDA 🐼 I got a full walkthrough of @ThruntingLabs from @Kostastsale and this platform is different - no simulations. You are investigating REAL intrusions with REAL telemetry - query actual EDR logs in Elastic, Splunk, or Azure Log Analytics. If you're in blue team / SOC / IR or aspiring to be - I highly recommend checking it out 🔗 youtube.com/watch?v=YC-E5D…