Manuel Bissey
@mbissey.bsky.social
#Cybersecurity and Risk Management Executive @Microsoft. Passionate about #Cyberdefense, #Technology and #Innovation. Views are my own.
Exposed OpenClaw instances are leaking “vibe code” and sensitive data — misconfigured AI tools are becoming open doors. Visibility and hardening can’t be optional. 🔓🤖 #CloudMisconfig #SecureAI
OpenClaw instances open to the internet present ripe targets
: By default, the bot listens on all network interfaces, and many users never change it
buff.ly
February 11, 2026 at 4:23 PM
Exposed OpenClaw instances are leaking “vibe code” and sensitive data — misconfigured AI tools are becoming open doors. Visibility and hardening can’t be optional. 🔓🤖 #CloudMisconfig #SecureAI
Reynolds ransomware embeds a BYOVD driver to disable security tools before encryption — trusted drivers turned into attack enablers. Defense must look below the surface. 🚗💣 #BYOVD #Ransomware
Reynolds Ransomware Embeds BYOVD Driver to Disable EDR Security Tools
Researchers uncover Reynolds ransomware embedding a vulnerable BYOVD driver to kill EDR defenses, signaling advanced evasion in ransomware attacks.
buff.ly
February 11, 2026 at 2:05 PM
Reynolds ransomware embeds a BYOVD driver to disable security tools before encryption — trusted drivers turned into attack enablers. Defense must look below the surface. 🚗💣 #BYOVD #Ransomware
ZeroDayRAT is bringing commercial-grade spyware to the mass market — lowering the barrier to surveillance and scaling targeted abuse. Spyware is going mainstream. 🕵️♂️⚠️ #CommercialSpyware #ThreatEconomy
In Bypassing MFA, ZeroDayRAT Is 'Textbook Stalkerware'
With access to SIM, location data, and a preview of recent SMSes, attackers have everything they need for account takeover or targeted social engineering.
buff.ly
February 11, 2026 at 11:05 AM
ZeroDayRAT is bringing commercial-grade spyware to the mass market — lowering the barrier to surveillance and scaling targeted abuse. Spyware is going mainstream. 🕵️♂️⚠️ #CommercialSpyware #ThreatEconomy
Singapore telecommunications were targeted by UNC3886 in a cyber-espionage campaign — telecoms remain high-value gateways for strategic surveillance. Connectivity is power. 📡🕵️♂️ #CyberEspionage #TelecomSecurity
Singapore telcos breached in China-linked cyber espionage campaign - Help Net Security
Singapore’s four major telecommunications companies were hit by a coordinated cyber espionage campaign last year.
buff.ly
February 11, 2026 at 9:05 AM
Singapore telecommunications were targeted by UNC3886 in a cyber-espionage campaign — telecoms remain high-value gateways for strategic surveillance. Connectivity is power. 📡🕵️♂️ #CyberEspionage #TelecomSecurity
A new Linux botnet, SSHStalker, uses old-school IRC for C2 — retro tactics powering modern compromise. Legacy protocols still make stealthy channels. 🐧📡 #LinuxSecurity #Botnet
New Linux botnet SSHStalker uses old-school IRC for C2 comms
A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
buff.ly
February 11, 2026 at 7:39 AM
A new Linux botnet, SSHStalker, uses old-school IRC for C2 — retro tactics powering modern compromise. Legacy protocols still make stealthy channels. 🐧📡 #LinuxSecurity #Botnet
The AI revolution is reshaping CISO budgets for 2026 — automation, detection speed, and response at machine scale are now top priorities. Defending at human pace is no longer enough. 🤖⚡️ #SecurityAutomation #CISOStrategy
AI Revolution Reshapes CISO Spending for 2026: Security Leaders Prioritize Defense Automation
CISO AI Cybersecurity Trends 2026 Glilot Capital survey, AI security budgets, cybersecurity automation, cloud data protection, vendor consolidation.
buff.ly
February 10, 2026 at 4:04 PM
The AI revolution is reshaping CISO budgets for 2026 — automation, detection speed, and response at machine scale are now top priorities. Defending at human pace is no longer enough. 🤖⚡️ #SecurityAutomation #CISOStrategy
Black Basta is bundling BYOVD techniques into ransomware payloads — abusing legit drivers to kill defenses before detonation. When trust is weaponized, detection must go deeper. 💣🧠 #BYOVD #Ransomware
'Reynolds' Bundles BYOVD With Ransomware Payload
Researchers discovered a vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the defense evasion technique.
buff.ly
February 10, 2026 at 2:05 PM
Black Basta is bundling BYOVD techniques into ransomware payloads — abusing legit drivers to kill defenses before detonation. When trust is weaponized, detection must go deeper. 💣🧠 #BYOVD #Ransomware
The European Commission flags Ivanti EPMM vulnerabilities — mobile device management is now a prime attack path. Patch fast, audit configs, reduce exposure. 📱⚠️ #MobileSecurity #Vulnerability
European Commission hit by cyberattackers targeting mobile management platform - Help Net Security
The European Commission's mobile device management platform was hacked but no compromise of mobile devices was detected.
buff.ly
February 10, 2026 at 11:05 AM
The European Commission flags Ivanti EPMM vulnerabilities — mobile device management is now a prime attack path. Patch fast, audit configs, reduce exposure. 📱⚠️ #MobileSecurity #Vulnerability
Attackers don’t need AI to crack passwords — they build targeted wordlists from leaked data and habits. Guessing gets smarter when humans stay predictable. 🔐🎯 #PasswordSecurity #CredentialAttacks
Password guessing without AI: How attackers build targeted wordlists
Attackers don't need AI to crack passwords, they build targeted wordlists from an organization's own public language. This article explains how tools like CeWL turn websites into high-success…
buff.ly
February 10, 2026 at 9:05 AM
Attackers don’t need AI to crack passwords — they build targeted wordlists from leaked data and habits. Guessing gets smarter when humans stay predictable. 🔐🎯 #PasswordSecurity #CredentialAttacks
Boomers vs Zoomers in the workplace isn’t just culture — it’s security. Different habits, tools, and risk perceptions are reshaping how organizations defend themselves. People dynamics matter. 🧑💼🧑💻 #CyberCulture #WorkplaceSecurity
Study confirms experience beats youthful enthusiasm
: Research shows productivity and judgment peak decades after graduation
buff.ly
February 10, 2026 at 7:39 AM
Boomers vs Zoomers in the workplace isn’t just culture — it’s security. Different habits, tools, and risk perceptions are reshaping how organizations defend themselves. People dynamics matter. 🧑💼🧑💻 #CyberCulture #WorkplaceSecurity
Attackers are using AI to assist AWS cloud break-ins — automation is accelerating reconnaissance and exploitation. Cloud defense must assume machine-speed adversaries. ☁️🤖 #CloudSecurity #AIDrivenThreats
AWS intruder pulled off AI-assisted cloud break-in in 8 mins
UPDATED: LLMs automated most phases of the attack
buff.ly
February 9, 2026 at 4:05 PM
Attackers are using AI to assist AWS cloud break-ins — automation is accelerating reconnaissance and exploitation. Cloud defense must assume machine-speed adversaries. ☁️🤖 #CloudSecurity #AIDrivenThreats
German agencies warn of phishing targeting Signal users — trusted secure messengers are now prime bait. Encryption doesn’t stop social engineering. 📱🎣 #PhishingAlert #SecureMessaging
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Germany’s BSI and BfV warn of state-linked Signal phishing using fake support chats, PIN theft, and device linking to access sensitive accounts.
buff.ly
February 9, 2026 at 2:05 PM
German agencies warn of phishing targeting Signal users — trusted secure messengers are now prime bait. Encryption doesn’t stop social engineering. 📱🎣 #PhishingAlert #SecureMessaging
Russian hackers weaponized a Microsoft Office bug within days — patch windows are collapsing while attacker speed accelerates. Defense now hinges on hours, not weeks. ⏱️⚠️ #ZeroDay #ThreatIntelligence
Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28's attacks use specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
buff.ly
February 9, 2026 at 11:05 AM
Russian hackers weaponized a Microsoft Office bug within days — patch windows are collapsing while attacker speed accelerates. Defense now hinges on hours, not weeks. ⏱️⚠️ #ZeroDay #ThreatIntelligence
Cyberattacks are hitting Poland’s energy and industrial sectors — critical systems are becoming frontline targets. OT resilience is now a matter of national security. ⚡🏭 #EnergySecurity #IndustrialResilience
Poland's energy control systems were breached through exposed VPN access - Help Net Security
On 29 December 2025, coordinated cyberattacks unfolded across Poland’s cyberspace, targeting energy sector and industrial organizations.
buff.ly
February 9, 2026 at 9:05 AM
Cyberattacks are hitting Poland’s energy and industrial sectors — critical systems are becoming frontline targets. OT resilience is now a matter of national security. ⚡🏭 #EnergySecurity #IndustrialResilience
Hackers are compromising NGINX servers to silently redirect user traffic — trusted infrastructure turned into a hijack vector. Edge integrity is now critical. 🔀⚠️ #WebSecurity #TrafficHijacking
Hackers compromise NGINX servers to redirect user traffic
A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's backend infrastructure.
buff.ly
February 9, 2026 at 7:39 AM
Hackers are compromising NGINX servers to silently redirect user traffic — trusted infrastructure turned into a hijack vector. Edge integrity is now critical. 🔀⚠️ #WebSecurity #TrafficHijacking
Under pressure, incident response often fails — unclear roles, slow decisions, and poor drills cost time and trust. Stress tests must come before real crises. 🚨🧠 #IncidentResponse #CrisisManagement
Why incident response breaks down when it matters most - Help Net Security
Why incident response failures happen under pressure, how hesitation lets breaches escalate, and what teams can do to prepare.
buff.ly
February 4, 2026 at 2:05 PM
Under pressure, incident response often fails — unclear roles, slow decisions, and poor drills cost time and trust. Stress tests must come before real crises. 🚨🧠 #IncidentResponse #CrisisManagement
Autonomous cyberattacks aren’t fully real yet — but the building blocks are here. Automation plus AI is narrowing the gap fast. Preparation beats denial. 🤖⏳ #AIAttacks #CyberReadiness
AI agents can't pull off fully autonomous cyberattacks - yet
: Don't relax: This is a 'when, not if' scenario
buff.ly
February 4, 2026 at 11:05 AM
Autonomous cyberattacks aren’t fully real yet — but the building blocks are here. Automation plus AI is narrowing the gap fast. Preparation beats denial. 🤖⏳ #AIAttacks #CyberReadiness
Coinbase confirms an insider breach tied to leaked support tool screenshots — when access meets intent, screenshots become weapons. Insider risk remains the hardest to detect. 🧑💼📸 #InsiderThreat #Breach
Coinbase confirms insider breach linked to leaked support tool screenshots
Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has learned is a new incident that occurred in…
buff.ly
February 4, 2026 at 9:05 AM
Coinbase confirms an insider breach tied to leaked support tool screenshots — when access meets intent, screenshots become weapons. Insider risk remains the hardest to detect. 🧑💼📸 #InsiderThreat #Breach
Russia-linked APT28 is exploiting a Microsoft Office flaw to deliver malware — old file formats, new espionage. Patch fast and lock down document workflows. 📄⚠️ #APT #OfficeSecurity
Russia-linked attackers abuse new Microsoft Office zero-day
: Ukraine’s CERT says the bug went from disclosure to active exploitation in days
buff.ly
February 4, 2026 at 7:39 AM
Russia-linked APT28 is exploiting a Microsoft Office flaw to deliver malware — old file formats, new espionage. Patch fast and lock down document workflows. 📄⚠️ #APT #OfficeSecurity
Researchers found 341 malicious ClawHub repos spreading malware — open-source trust is being actively abused at scale. Clone carefully. 🧩⚠️ #OpenSourceSecurity #SupplyChainRisk
Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users
A security audit found 341 malicious ClawHub skills abusing OpenClaw to spread Atomic Stealer and steal credentials on macOS and Windows.
buff.ly
February 3, 2026 at 4:04 PM
Researchers found 341 malicious ClawHub repos spreading malware — open-source trust is being actively abused at scale. Clone carefully. 🧩⚠️ #OpenSourceSecurity #SupplyChainRisk
ShinyHunters is expanding SaaS extortion — shifting from breaches to pressure campaigns across cloud apps. When data is everywhere, leverage is too. ☁️💣 #DataExtortion #SaaSSecurity
ShinyHunters Expands Scope of SaaS Extortion Attacks
Following its Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.
buff.ly
February 3, 2026 at 2:05 PM
ShinyHunters is expanding SaaS extortion — shifting from breaches to pressure campaigns across cloud apps. When data is everywhere, leverage is too. ☁️💣 #DataExtortion #SaaSSecurity
ShinyHunters is bypassing MFA with sharp social engineering — when humans are tricked, strong auth can still fall. Identity defense must cover people, not just tech. 🎭🔐 #MFA #SocialEngineering
ShinyHunters flip the script on MFA in new data theft attacks - Help Net Security
Multi-factor authentication (MFA) is supposed to foil phishing attempts, but ShinyHunters are using it as a pretext in vishing attacks.
buff.ly
February 3, 2026 at 11:05 AM
ShinyHunters is bypassing MFA with sharp social engineering — when humans are tricked, strong auth can still fall. Identity defense must cover people, not just tech. 🎭🔐 #MFA #SocialEngineering
Notepad++ update features were hijacked for months by state-backed attackers — even trusted developer tools can become silent supply-chain weapons. Verify updates, always. 🧰⚠️ #SupplyChainSecurity #SecDevOps
Notepad++ update feature hijacked by Chinese state hackers for months
Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.
buff.ly
February 3, 2026 at 9:05 AM
Notepad++ update features were hijacked for months by state-backed attackers — even trusted developer tools can become silent supply-chain weapons. Verify updates, always. 🧰⚠️ #SupplyChainSecurity #SecDevOps
Malicious MoltBot skills are pushing password-stealing malware — voice assistants are becoming a new social engineering vector. Convenience can be compromised. 🎙️🔓 #CredentialTheft #AttackSurface
Malicious MoltBot skills used to push password-stealing malware
More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been published in less than a week on the tool's official registry and on GitHub.
buff.ly
February 3, 2026 at 7:39 AM
Malicious MoltBot skills are pushing password-stealing malware — voice assistants are becoming a new social engineering vector. Convenience can be compromised. 🎙️🔓 #CredentialTheft #AttackSurface
France flags security risks in videoconferencing tools — meetings now carry data, espionage, and compliance exposure. Choose platforms like you choose partners. 🎥⚠️ #SecureComms #DataProtection
France says au revoir to US videoconferencing software
: French govt says state-run service 'Visio' will be more secure. Now where have we heard that name before?
buff.ly
February 2, 2026 at 4:05 PM
France flags security risks in videoconferencing tools — meetings now carry data, espionage, and compliance exposure. Choose platforms like you choose partners. 🎥⚠️ #SecureComms #DataProtection