Z3RO

This actually happened. Nigeria Police Force confirmed it. January 28, 2026. A Nigerian telecommunications company noticed something strange in its billing and payments system. Airtime was leaving. Data was disappearing. At scale. They filed a petition with the police. What investigators found: internal staff login credentials had been compromised. Someone on the inside or someone who got to someone on the inside had handed over access to the company's core billing infrastructure. Six suspects were eventually arrested across three states. Operations in Kano. Katsina. Then a follow-up in Abuja. What police recovered from them: Two residential houses. Two mini-plazas. GSM and laptop retail outlets. Over 400 laptops. 1,000 mobile phones. A Toyota RAV4. Total diverted: ₦7.7 billion in airtime and data. Think about what ₦7.7 billion in airtime looks like. It is not cash sitting in a vault. It is digital credits generated, distributed, and resold through a network of retail outlets before anyone noticed the source was stolen. The telco's billing system treated every diversion as a legitimate transaction. Because the credentials used were legitimate. That is the nature of credential compromise attacks. The system does not know it is being robbed. It just sees an authorised login doing authorised things. What stops this: Multi-factor authentication on every internal system especially billing and payments infrastructure. Anomaly detection on privileged accounts that flag unusual transaction volumes, unusual hours, unusual locations. Principle of least privilege... staff should only access exactly what their role requires. Nothing more. Credential compromise is not a sophisticated attack. It is the most common attack vector in Nigeria's tech ecosystem right now. And it is working. ₦7.7 billion worth of airtime says so.

Going to sleep after drinking New wine for 3 hours 12 minutes

@real_Ifyarts Hallelujah to the One who opens His Arms and satisfies every living thing🙌🙌

Amen is the end of all arguments #NewWineTheAlbum

@real_Ifyarts 10 songs 3h 12 mins, Make we dey enjoy am like that

1 Hour gone we're still on track 4 #NewWineTheAlbum

@real_Ifyarts Omo today go long 🔥

There is breath in my lungs Live in my body Joy in my spirit So I Praise The Lord!!! #NewWineTheAlbum

Mood for #NewWineTheAlbum

Hi @victorosimhen9 I gave up my dream to become a professional footballer to pursue a career in cybersecurity. It has been over 4 years now since i made that decision and there is a professional certification exam (OSCP) that costs $1,749 that i have been wishing to write.

@Olufela_Jr Congratulations

coming here to casually drop that I passed the OSCP exam and maybe the ultimate reason I went offline, I have a lot to write, but first I would like to say thank you to everyone of you, my community for your support, this is by far one of the nicest things to happen to me,

I was sent a file recently. Nothing unusual at first. Just a simple executable someone claimed was a “tool” for automating some work. The file name looked normal. The size was not suspicious. Even the icon looked like a regular application. Most people would open it without thinking twice. But something about it did not sit right with me. Before running anything, I decided to check it properly. I started with basic inspection just to see what the file contains. Immediately, I noticed something strange. There were readable strings inside the file that should not be there if it was just a normal tool. IP addresses. URLs. Commands. That was the first sign this was not what it claimed to be. So, I went deeper. Instead of running it directly, I analyzed it and monitored what it was trying to do. The file was attempting to reach out to an external server the moment it was executed and it needed no user action. Just opening it was enough. Below is exactly what I saw on my terminal.

Once an attacker has a foothold inside a network, shared storage becomes one of the fastest ways to understand the environment. Internal SMB shares often contain scripts, onboarding documents, backups, configuration files, and exported data that were never meant to be broadly accessible. Pentest+ expects you to recognise that lateral movement is not only about remote code execution. It is also about inherited trust and weak internal permissions. In the terminal below, I am enumerating SMB shares on an internal file server from a compromised host. The goal is not to exploit the server. The goal is to discover what the organisation already made available to authenticated users. The moment a readable share exposes deployment notes, credential references, or internal documentation, the attacker gains operational knowledge that can be reused across systems. This is why internal shares are so dangerous. They feel normal to staff, but to an attacker they function like a map, a toolbox, and a memory dump at the same time.

I have no issues with people who vibe-code but when developers use it to build e-commerce websites or sites that store client personal information, that’s where problems can start. I recently reached out to a developer on TikTok to inform her about a vulnerability I discovered in one of her projects. Surprisingly, she didn’t seem to take it seriously and even dismissed the idea that hacking vulnerabilities like this exist. After that, my team (@hack_ademy) investigated further and found that the AI-generated code had created an unsecured database viewer intended for client use. This exposed sensitive data. We were also able to query the sql db through the terminal. We’ve since contacted her again, explaining the issue and showing the specific security flaws in the AI-generated code, We received a response and she promised to patch before April 2nd. Devs, when coding a site that will hold customer information be careful. I do not condone ruining anyone’s business or spoiling anyone’s name but the right thing must be done!

My new pencil art on paper. Shadows of the evening II

@cyber_rekk Person wey no mad no fit stay for cybersecurity normally

Everyone on the cybersecurity side of tech twitter is very mad

@jay_hunts Yes, the community is always active when they happen

Should we bring back the cybersecurity games and competitions? Plus giveaways?

@segoslavia @cyber_rekk Make that moon wait till Thursday abeg

@cyber_rekk Too late

Not Friday & Monday??😭😭😭

@jay_hunts @LaurenHaun71617 This is great 🔥🔥

I got great news to share for the entire cybersecurity community! ...On the 29th of this month, we will have a unique space!!!! A Career Fair day!! Get ready!! We'd simulated interview preps and would also be having recruiters on the space,

Are you tired of cybersecurity? Dm to join NURTW

I just built a platform for GRC compliance guys and IT auditors to test their knowledge with practical projects!!! Means they'd have real world projects on the platform to play with and understand what's needed on the field! .....

Croc City Cyber Meetup, Kaduna, Nigeria 🇳🇬 The February edition of the Croc City Cyber Meetup successfully gathered cybersecurity enthusiasts, professionals, and students from across Kaduna. The event focused on three core pillars: Mentorship, Technical Skill Acquisition, and Community Innovation. Through a blend of panel discussions and live technical demonstrations, the meetup addressed the critical need for a structured security ecosystem in Northern Nigeria. Panel Discussion: The Human Side of Cyber A diverse panel of experts led a deep dive into the non-technical hurdles of a security career. Key talking points included: •Career Paths: Mapping out roles from Pentesting and GRC to Security Operations. •The Beginner’s Roadmap: Practical advice on how to start from scratch without getting overwhelmed. •Overcoming Impostor Syndrome: A candid conversation on the psychological barriers in tech and the importance of community support. •Open Q&A: A high-engagement segment where participants received direct answers to questions. Technical Demonstrations (Live Labs) The technical segment moved from theory to practice with hands-on showcases: •Penetration Testing: A walkthrough using HTB Academy environments, demonstrating the methodology of an ethical hack from reconnaissance to exploitation. •Network Analysis with Wireshark: Participants were taught how to capture and inspect packets, identify anomalous traffic, and understand the "language" of the network. Tool Spotlights & Community Innovation The meetup highlighted essential industry tools and homegrown solutions: •HashiCorp Vault: An introduction to identity-based secrets management and the importance of securing sensitive data in the cloud. •Vuln Hunter: In a proud moment for the community, a web security assessment tool developed by one of our own members was introduced. Vuln Hunter streamlines vulnerability discovery by integrating community-driven tools into a high-efficiency workflow.