Marius Avram

16.8K posts

@securityshell

Web Application Security Consultant. Two sons' proud dad! https://t.co/uEjJ0UQkhV

Joined May 2009
1.3K Following · 16.2K Followers

Nicușor Dan @NicusorDanRO
We have decided to join the declaration of the United Kingdom, France, Germany, Italy, the Netherlands and Japan on ensuring freedom of navigation in the Strait of Hormuz, a fundamental principle of international law. Romania's joining this initiative comes against the backdrop of the serious implications that the closure of the Strait has for global energy markets, as well as for the world economy. The effects are also being felt in Romania, especially with regard to fuel prices. In this regard, we are prepared to take part in the efforts of the international community that will lead to keeping prices at a level bearable for the population. Romania maintains its clear decision not to get involved in the conflict in the Middle East, and we are working alongside international partners toward de-escalation. Full text of the declaration: presidency.ro/ro/media/comun…

Marius Avram retweeted
brmk @_brmkit
During some free time I ended up doing some research on something I never really thought about before: using Windows toast notifications for user manipulation. I ended up writing a BOF and a blog post about it, hope it's useful! brmk.me/2026/03/18/toa…

Marius Avram @securityshell
He’s gone, but rumor has it, Chuck Norris is training in the afterlife, so death better behave.

Marius Avram @securityshell
RIP Chuck Norris: the man, the myth, the eternal legend!

Marius Avram retweeted
Mandiant (part of Google Cloud)
Google Threat Intelligence Group has identified DarkSword, a new iOS exploit chain leveraging six zero-day vulnerabilities. Multiple threat actors are actively using it to deploy malware payloads. Update your devices or enable Lockdown Mode. 👉 bit.ly/4bRveEz

Marius Avram retweeted
The Citizen Lab @citizenlab
A journalist being hacked with Paragon’s ‘ethical’ spyware has “been massively inconvenient both to the Italian government and to Paragon Solutions,” @jsrailton told the Guardian: theguardian.com/world/2026/mar…

Marius Avram retweeted
Gridline @GridlineIntel
Your broker shows you charts. Gridline shows you why the charts are moving. 🌍 → 💥 Live conflicts, sanctions, and trade disruptions → 📡 GPS jamming and maritime vessel movements → 🔥 Wildfires, earthquakes, and weather events in real-time → 📊 Polymarket odds next to breaking news → 🛢️ Commodity markets, housing data, macro indicators → 🗺️ 22+ OSINT layers on a single dashboard One map. Every signal that moves markets. Free to use. Link in comments.

Marius Avram retweeted
Polymarket @Polymarket
BREAKING: The U.S. Government secretly registers the aliens​.gov domain name.

Marius Avram retweeted
Bitrefill @bitrefill
March 1st incident report

On March 1, 2026, Bitrefill was the target of a cyberattack. Based on indicators observed during the investigation - including the modus operandi, the malware used, on-chain tracing and reused IP + email addresses (!) - we find many similarities between this attack and past cyberattacks by the DPRK Lazarus / Bluenoroff group against other companies in the crypto industries.

The initial access originated through a compromised employee laptop, from which a legacy credential was exfiltrated. That credential provided access to a snapshot containing production secrets. From there, the attackers were able to escalate their access to our broader infrastructure, including parts of our database and certain cryptocurrency wallets.

We first detected the incident after noticing suspicious purchasing patterns with certain suppliers. We realized that our gift card stock and supply lines were being exploited. At the same time we found some of our hot wallets being drained and funds transferred to attacker-controlled wallets.

The moment we identified the breach, we took all of our systems offline as part of our containment response. Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. Safely switching all these things off and bringing them back online is not trivial.

Since the incident, our team has been working closely with top industry security researchers, incident response specialists, on-chain analysts and law enforcement to understand what happened and how we can prevent it from happening again. A sincere thank you to @zeroshadow_io, @SEAL_Org, @RecoverisTeam and @fearsoff for their rapid response and support throughout this ordeal.

What about your data

Based on our investigation and our logs we don’t have reason to think that customer data was the target of this breach. There is no evidence that they extracted our entire database, only that the attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory.

Bitrefill was designed to store very little personal data. We are a store, not a crypto service provider. We don’t require mandatory KYC. When a customer chooses to verify their account - e.g. to access higher purchasing tiers or certain products - that data is kept exclusively with our external KYC provider, with no backups in our system.

Still, based on database logs, we know that a subset of purchase records was accessed and we want to be transparent about that. Around 18,500 purchase records were accessed by the attackers. Those records contained limited customer information, such as email addresses, crypto payment address, and metadata including IP address.

For approximately 1,000 purchases, specific products required customers to provide a name. That information is encrypted in our database. However, since the attackers may have gotten access to the encryption keys, we are treating this data as potentially accessed. Customers in this category have already been notified directly by email.

At this time, based on the information currently available, we do not believe customers need to take specific action. As a precaution, we recommend remaining cautious of any unexpected communications related to Bitrefill or crypto. If this assessment changes, we will of course immediately inform those affected.

What we are doing

We have already significantly improved our cybersecurity practices, but vow to continue to draw learnings from this experience to make sure user and company balances and data remain maximally safe. Specifically we’re:

- Continuing thorough cybersecurity reviews and pentests with multiple external experts and implementing recommendations;
- Further tightening internal access controls;
- Further improving logging and monitoring for faster detection and more effective response; and
- Continuing to refine and test our incident response procedures and automated shutdown procedures.

The bottom line

Getting hit by a sophisticated attack sucks (a lot). We’ve been in business for over 10 years and it’s the first time we’ve been hit this hard. But we survived. Bitrefill was designed to limit the impact if something like this ever happened. Bitrefill remains well funded, has been profitable for several years and will absorb these losses from our operational capital.

Almost everything is back to normal: payments, stock, accounts. Sales volumes are also back to normal, and we are eternally thankful to our customers for your continued confidence in us. We will continue to do our best to continue deserving your trust. Thank you!

Marius Avram retweeted
Xclow3n @xclow3n
Spent a week testing AI for vulnerability research. 14 confirmed bugs in 20 min on one target. 5% hit rate on a hardened one. Same AI, same setup. 4 approaches, what worked, what failed, why target selection matters more than model sophistication. xclow3n.github.io/post/7

Marius Avram retweeted
Het Mehta @hetmehtaa
Tool that uses AI to hack AI. Think sqlmap, but for prompt injection. You write your goal in plain English. "reveal the system prompt." "extract the hidden password." "bypass the content filter." One command does the rest. llmmap -r request --goal "reveal the hidden password" It finds injection points in your HTTP request automatically. A Generator LLM reads your goal and crafts targeted attack prompts using instruction manipulation, context poisoning, delimiter injection, guardrail probing, and dozens more techniques. Two AIs. One attacks. One judges. Neither sees the other's work. 227 techniques across 18 attack families. Four obfuscation methods that repackage the same attack as base64, homoglyphs, leet speak, or a different language. Five intensity levels from a quick scan to throwing everything at the wall. Statistical retesting on every finding so nothing in your report is a false positive. Runs fully local with Ollama. No API keys. Also supports OpenAI, Anthropic, and Google.

Marius Avram retweeted
Pavol Lupták @wilderko
HorusEye: I Built an AI-Assisted Active Directory Attack Platform After 1000+ CTF Rooms medium.com/@OmarTamer0/horuseye-i-built-an-ai-assisted-active-directory-attack-platform-after-1000-ctf-rooms-7f0ace21895c

Marius Avram retweeted
Polymarket @Polymarket
JUST IN: Australian man cures his dog’s cancer by uploading its DNA to ChatGPT to design a custom vaccine from scratch.

Marius Avram retweeted
Praetorian @praetorianlabs
Can't secure what you can't see. 👁️ Introducing Pius — our open-source Go binary for external attack surface mapping. Queries all 5 Regional Internet Registries, CT logs, and 20+ intel sources in parallel. Confidence scoring, no noise. 🛡️ 🔗 buff.ly/2eDGcGb #OffensiveSecurity #OpenSource #Recon

Marius Avram retweeted
Palantir @PalantirTech
"This is Maven Smart System—Palantir’s software as a service product that we are deploying across the entire department."
UK in UAE 🇬🇧🇦🇪
UAE authorities warn against photographing, posting, or sharing images of incident sites or projectile damage as well as government buildings and diplomatic missions. British nationals are subject to UAE laws, violations may lead to fines, imprisonment, or deportation. #UKUAECR26

Marius Avram retweeted