zh4ck's Avatar

zh4ck

@zh4ck.bsky.social

Evolve or Die! Head of Vuln Research Lab at CUJO AI Volunteer at IoTVillage Hackersuli Meetup Hacktivity @zh4ck@infosec.exchange NetRunner, Shaper

133 Followers  |  681 Following  |  26 Posts  |  Joined: 25.11.2023  |  1.7307

Latest posts by zh4ck.bsky.social on Bluesky


Post image

about to find every single vulnerability out there πŸ’ͺ

18.02.2026 22:47 β€” πŸ‘ 8    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Wendy's cash register displaying "ALL YOUR BASE ARE BELONG TO US"

Wendy's cash register displaying "ALL YOUR BASE ARE BELONG TO US"

Never has such a meme swept the earth. At one point the HP .com homepage title bar said "All your base are belong to us". My local Wendy's had it scrolling on the cash register: (pic is from June 2001)

17.02.2026 06:59 β€” πŸ‘ 23    πŸ” 6    πŸ’¬ 0    πŸ“Œ 0

Me, to my watch: What time is it
My watch (on screen): It is 12:14:36
My watch (speaking): It is twelve, two, thirty six

Google has invented a watch that doesn't understand time

31.01.2026 08:20 β€” πŸ‘ 76    πŸ” 11    πŸ’¬ 2    πŸ“Œ 1

Supply chain attack on eScan antivirus


securelist.com ->

A threat that's many people warned about for a long time. A bit ironic to read this on Kaspersky's site...

h/t @zh4ck


Original->

31.01.2026 12:57 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0

Hadn't realised that the third party review of Twitter's chat protocol had been published and wow github.com/trailofbits/...

28.01.2026 18:21 β€” πŸ‘ 119    πŸ” 35    πŸ’¬ 2    πŸ“Œ 6
Preview
Revealed: Leaked Chats Expose the Daily Life of a Scam Compound’s Enslaved Workforce A whistleblower trapped inside a β€œpig butchering” scam compound gave WIRED a vast trove of its internal materialsβ€”including 4,200 pages of messages that lay out its operations in unprecedented detail.

A whistleblower trapped inside a β€œpig butchering” scam compound gave WIRED a vast trove of its internal materialsβ€”including 4,200 pages of messages that lay out its operations in unprecedented detail. www.wired.com/story/the-re...

27.01.2026 11:02 β€” πŸ‘ 242    πŸ” 90    πŸ’¬ 2    πŸ“Œ 8
Post image 27.12.2025 08:41 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

According to people smarter than me one needs 2330 logical qubits to break Bitcoin. I will not hold my breath until such quantum computer is built …

19.11.2025 18:08 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

According to people smarter than me one needs 2330 logical qubits to break Bitcoin. I will not hold my breath until such quantum computer is built …

19.11.2025 18:07 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
DEF CON 33 - How Not to IoT:Lessons in Security Failures - Zoltan "zh4ck" Balazs
YouTube video by DEFCONConference DEF CON 33 - How Not to IoT:Lessons in Security Failures - Zoltan "zh4ck" Balazs

My DEF CON 33 talk about "How Not to IoT:Lessons in Security Failures" is available on YT \o/ www.youtube.com/watch?v=TTdK...

28.10.2025 13:57 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
Inside the Synthient Threat Data Where is your data on the internet? I mean, outside the places you've consciously provided it, where has it now flowed to and is being used and abused in ways you've never expected? The truth is that ...

With support from Synthient, we've just pushed out a corpus of 183M stealer log victims to @haveibeenpwned.com. We'd never seen 16.4M of those before, either, so there's a lot of new stuff in there, and that's just the first part. More here: www.troyhunt.com/inside-the-s...

21.10.2025 19:25 β€” πŸ‘ 9    πŸ” 4    πŸ’¬ 0    πŸ“Œ 0
Post image

(comic) Bedtime story

20.10.2025 19:38 β€” πŸ‘ 36    πŸ” 6    πŸ’¬ 0    πŸ“Œ 2

I'd like to propose that hackers are the opposite, typically the "bringers of bad news". But we need a better word for this.

Given that the Greek word of the same era for "bad/badly" is either δυς/dys or ΞΊΞ±ΞΊΞΏ/caco, but predominantly the first.

The word would be 'dysangelist'. Tech Dysangelism.

19.10.2025 17:28 β€” πŸ‘ 24    πŸ” 7    πŸ’¬ 2    πŸ“Œ 0

October is Cybersecurity Awareness Month! Please be aware of cybersecurity. If you encounter cybersecurity, DO NOT APPROACH IT. Back away slowly. Protect children and pets. Make noises to scare it away.

13.10.2025 15:08 β€” πŸ‘ 21    πŸ” 5    πŸ’¬ 1    πŸ“Œ 1
Preview
Bose SoundTouch home theater systems regress into dumb speakers Feb. 18 Ending support for SoundTouch may help Bose avoid a Sonos situation.

People who have spent hundreds or even thousands of dollars to equip their home with SoundTouch audio have been frustrated about their gadgets losing some of their most coveted features soon.

13.10.2025 15:39 β€” πŸ‘ 18    πŸ” 2    πŸ’¬ 5    πŸ“Œ 4
Preview
Toy Train Joins The Internet Of Things [Zoltan] was developing a workshop on Matter for DEF CON, and wanted to whip up a fun IoT project to go with it. His idea was simpleβ€”take a simple toy train, and put it on the Internet of Things. S…

You can't stop the Internet of Things, it will be everywhere

hackaday.com/2025/09/30/t...

01.10.2025 05:20 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

New life achievement unlocked - last weekend I presented (a lightning talk) right after the legendary @joegrand.bsky.social a.k.a Kingpin.

Do I have video proof that this happened? No
Do I have witnesses? Yes
Are they gonna testify? No
Do I have circumstantial evidence? Yes

🐊 #HackThePlanet

15.09.2025 07:49 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Preview
Age Verification Is A Windfall for Big Techβ€”And A Death Sentence For If you live in Mississippi, you may have noticed that you are no longer able to log into your Bluesky or Dreamwidth accounts from within the state. That’s because, in a chilling early warning sign

If you think online age verification mandates are the key to holding Big Tech companies accountable, you need to see what’s happening in Mississippi. www.eff.org/deeplinks/2...

13.09.2025 16:03 β€” πŸ‘ 125    πŸ” 62    πŸ’¬ 3    πŸ“Œ 3
Post image Post image Post image Post image 11.08.2025 05:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Infosec celebrities I met this week 😊

@malwarejake.bsky.social
@liveoverflow.bsky.social
Viktor Gazdag
@nmatt0.bsky.social
@johnhammond.bsky.social

11.08.2025 05:56 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

So far one of the most interesting stat from #defcon
I am really interested in the back story

10.08.2025 23:28 β€” πŸ‘ 2    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

DEF CON officially arrived to Las Vegas 😜
#defcon

07.08.2025 14:54 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Love me some dumb US news in the morning

...sips coffee

05.08.2025 08:29 β€” πŸ‘ 18    πŸ” 3    πŸ’¬ 1    πŸ“Œ 1

A private hospital in Thailand was fined $37,000 after patient paper records were discovered being repurposed as snack bags

databreaches.net/2025/08/04/t...

05.08.2025 09:00 β€” πŸ‘ 29    πŸ” 5    πŸ’¬ 3    πŸ“Œ 3
Post image

Angelina Jolie was right.

"RISC architecture is gonna change everything."

#HackThePlanet!

05.08.2025 09:02 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image Post image

Pig butchering / investment scams are next level recently. This is how my Viber and X DMs looks like
Is the bot problem solved on X? Asking for a friend

05.08.2025 07:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

If you are interested in IoT Security, visit DEF CON Creator Stage 4 this Saturday, LVCC - L2 - W228
defcon.org/html/defcon-...

04.08.2025 14:00 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Video thumbnail

Thumby and Thumby Color: impossibly tiny Game Boys that are actually playable!

Just one inch tall. And yes, they can run Doom.

31.07.2025 15:33 β€” πŸ‘ 307    πŸ” 42    πŸ’¬ 13    πŸ“Œ 8
Post image

Going to BlackHat next week and passionate about reverse engineering? Or, wanting to be? Come hang out with Jos Wetzels and I on the 7th at 11.20am to chat about projects, books and tools you really enjoy, let us know if you're hiring or looking for a job in reverse engineering!

02.08.2025 00:52 β€” πŸ‘ 2    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0

@zh4ck is following 19 prominent accounts