π WhatsApp device linking is being abused to hijack accounts β attackers donβt need malware, just a moment of trust. Secure linking is the new frontline. π±π #SocialMediaSecurity #IdentityAbuse
Manuel Bissey
#Cybersecurity and Risk Management Executive @Microsoft. Passionate about #Cyberdefense, #Technology and #Innovation. Views are my own.
π©βπ»π€
πβ‘οΈ
EV driver
π¬
Views are my own
β’οΈ Attackers are using stolen AWS credentials to run large-scale cryptomining β cloud abuse turns leaked keys into real money fast. Secure identities, monitor spend. βοΈπ° #CloudSecurity #CredentialAbuse
https://www.darkreading.com/cloud-security/attackers-use-stolen-aws-credentials-cryptomining
France arrests a suspect linked to the cyberattack on the Interior Ministry β attribution is hard, accountability harder, but law enforcement is catching up. π«π·βοΈ #CyberCrime #LawEnforcement
Cybersecurity leaders are sharpening their edge through constant learning β staying ahead now means reading beyond headlines and into strategy. Knowledge is defense. ππ‘οΈ #CyberLeadership #ContinuousLearning
https://www.helpnetsecurity.com/2025/12/18/what-cybersecurity-leaders-are-reading-to-stay-ahead/
Google finds five China-nexus groups exploiting the React2Shell flaw β coordinated campaigns mean patching isnβt optional, itβs urgent. π₯π οΈ #ThreatActors #ZeroDayAlert
A Venezuelan oil company downplays an alleged US-linked cyberattack β where geopolitics and energy infrastructure intersect, silence doesnβt mean safety. βοΈπ #IndustrialSecurity #GeoCyberThreats
https://www.darkreading.com/cyber-risk/venezuela-oil-company-downplays-alleged-us-cyberattack
SoundCloud suffers a breach affecting DoS VPN user data β even creative platforms must guard access and network-layer info. π§π #DataBreach #PlatformSecurity
https://www.helpnetsecurity.com/2025/12/16/soundcloud-breach-dos-vpn/
Cellik Android malware rebuilds trusted Google Play apps into malicious versions β supply-chain abuse is moving straight into app stores. Trust must be verified, not assumed. π±β οΈ #AndroidSecurity #SupplyChainRisk
VolkLocker ransomware was exposed by hardcoded flaws β even advanced extortion ops can fail on basic mistakes. Attackers rush; defenders should exploit that. ππ₯ #Ransomware #ThreatIntel
https://thehackernews.com/2025/12/volklocker-ransomware-exposed-by-hard.html
Chrome and Edge privacy extensions quietly collect user data β not all βprivacy toolsβ protect privacy. Verify before you trust. π‘οΈπ #PrivacyRisk #BrowserSecurity
https://www.theregister.com/2025/12/16/chrome_edge_privacy_extensions_quietly/
React2Shell vulnerability is being actively exploited in the wild β developers must patch urgently to stop code execution attacks. βοΈπ₯ #ReactSecurity #ZeroDayAlert
https://thehackernews.com/2025/12/react2shell-vulnerability-actively.html
New research shows MFA adoption is shifting security postures β strong authentication is moving from optional to foundational. ππ #IdentitySecurity #MFAAdoption
https://www.helpnetsecurity.com/2025/12/16/okta-mfa-security-shift-report/
Cyber insurance MGAs are reshaping policies to reflect real cyber risk β moving coverage from paperwork to practical protection. ππ‘οΈ #CyberInsurance #RiskManagement
https://www.darkreading.com/cyber-risk/how-cyber-insurance-mga-shape-cyber-risk-policy
French Interior Ministry email servers were breached in a cyberattack β files were accessed, but thereβs currently no evidence of serious compromise. An investigation is underway as security is tightened. π«π·π§ #GovernmentSecurity #IncidentResponse οΏΌ
New study shows AI-generated phishing training boosts user detection rates β simulated threats build real resilience. Educate before you react. ππ§ #PhishingAwareness #AITraining
https://www.helpnetsecurity.com/2025/12/16/ai-generated-phishing-training-study/
A Gogs zero-day is under active exploitation β source-control systems canβt be trusted without rapid patching and scoped access controls. π οΈπ¨ #DevSecOps #ZeroDayAlert
https://www.theregister.com/2025/12/10/gogs_0day_under_active_exploitation/
β’οΈ Apple issues security updates after two active zero-days were exploited in the wild β urgent patching is non-negotiable. πβ οΈ #iOSSecurity #ZeroDayAlert
https://thehackernews.com/2025/12/apple-issues-security-updates-after-two.html
Hacktivists are targeting critical infrastructure β where ideology meets impact, outages become statements. Protecting grids and networks is now a civic duty. β‘π #CyberWarfare #Hacktivism
https://www.darkreading.com/threat-intelligence/hactivists-target-critical-infrastructure
βοΈ Global ransomware trends in 2025 show data extortion overtaking encryption, bigger payouts, and faster attacks. Defense must be proactive, not reactive. ποΈπ£ #Ransomware #ThreatLandscape
https://www.helpnetsecurity.com/2025/12/12/global-ransomware-trends-2025/
PayPal subscription misuse is driving fake purchase emails β scammers exploiting trusted billing flows to phish and defraud. Always verify before you click. π§β οΈ #PhishingScams #FraudAwareness
Client Info
Server: https://mastodon.social
Version: 2025.07
Repository: https://github.com/cyevgeniy/lmst