<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Over 252 million identity records from seven countries were exposed through three misconfigured servers in Brazil and the UAE β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/oRMZQQ7cTZZev106PA8VCdF8YjBWRQxHqzNOdAyAIe4=421" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/bzCPHqVgTMiXuQ5Lr8DkEeVc3MR0TDNsNEb8zi6reJA=421" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=0e708bd8-8a19-11f0-89eb-5da9798e717c%26pt=campaign%26t=1757077564%26s=68ca5529bf0929e08e3763e140ce1f16588cbfb5d602bba14cfcf6c5b7d34e24/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/pPEka9Cj8X7tC137TdFBHk1T0eu_NKsdRGJac_dSyJk=421"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fresources%2Fbitwarden-security-impact-report%2F%3Futm_campaign=10538385-TLDR%25202025%26utm_source=TLDR%26utm_medium=newsletter%26utm_content=2025_infosec_report/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/UFaIapbxLgs6VYMW3E2KEosD-tOF1we_ffHyKI3Y6t8=421"><img src="https://images.tldr.tech/bitwarden.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Bitwarden"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-09-05</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fresources%2Fbitwarden-security-impact-report%2F%3Futm_campaign=10538385-TLDR%25202025%26utm_source=TLDR%26utm_medium=newsletter%26utm_content=2025_infosec_report/2/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/lOqSia6GxCOLfgjiInle1n7pcg02tIwtdgSGqCcl_RY=421">
<span>
<strong>New research: Company mandates increase password manager usage by 2.4x (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Weak and reused passwords expose companies to critical risks. In fact, the majority of web application breaches stem from poor credential hygiene, costing organizations millions per incident.<p></p><p>The <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fresources%2Fbitwarden-security-impact-report%2F%3Futm_campaign=10538385-TLDR%25202025%26utm_source=TLDR%26utm_medium=newsletter%26utm_content=2025_infosec_report/3/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/MiQqSzKN1y6_Z6B1uUAM2BcNzHiUkTRfZQUQNlcs_AI=421" rel="noopener noreferrer nofollow" target="_blank"><span>2025 Security Impact Report</span></a> from Bitwarden surveyed IT managers to uncover what actually drives password manager tool adoption in an organization. The biggest boost came from company-wide mandates, which more than doubled employee usage compared to department-level rollouts.</p>
<p>But mandates alone aren't enough. 35% of organizations still struggle with user reluctance, even with such policies in place. The most effective approach combines executive announcements with technical enforcement like disabling browser-based password management.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fresources%2Fbitwarden-security-impact-report%2F%3Futm_campaign=10538385-TLDR%25202025%26utm_source=TLDR%26utm_medium=newsletter%26utm_content=2025_infosec_report/4/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/H-UzSDrbaeQ8ltFFSXOGmibWHi9RAuhAT07GKn1yMtM=421" rel="noopener noreferrer nofollow" target="_blank"><span>Read the full research (ungated)</span></a></p>
<p>Nearly all of enterprise customers report that Bitwarden improved their security posture once fully deployed. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fgo%2Fbusiness-password-manager%2Ftldr%2F%3Futm_campaign=10538385-TLDR%25202025%26utm_source=TLDR%26utm_medium=newsletter%26utm_content=form_page/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/aCqpND2LzuCYeLxMhGHOkECHJKg3h3Z0qdiJ-vmC39M=421" rel="noopener noreferrer nofollow" target="_blank"><span>Start a free enterprise trial today</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FMRFqob/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/Da-VzbUZNnTugeZ2SsmQZwAt7oYJVr7xLFl8ru59Cbo=421">
<span>
<strong>252M identities dumped online in massive leak affecting 7 countries (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Over 252 million identity records from seven countriesβTurkey, Egypt, Saudi Arabia, UAE, Mexico, South Africa, and Canadaβwere exposed through three misconfigured servers in Brazil and the UAE. These contained government-level profiles with ID numbers, birth dates, contact details, and addresses. The databases had similar structures, suggesting a single operator, but the source remains unknown. Turkey, Egypt, and South Africa were most affected. Cybernews contacted hosting providers, and the data is no longer publicly accessible as of June.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fchesscom-discloses-recent-data-breach-via-file-transfer-app%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/vGdQA4EsTsTtU833e03wW5-7IBXoMpqYGy-VVTcZh6U=421">
<span>
<strong>Chess.com Discloses Recent Data Breach via File Transfer App (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Chess.com reported that it experienced a data breach after detecting unauthorized data stored in a third-party file transfer application. The incident only impacts an estimated 4.5K users and may have exposed names and other PII.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fnew-tp-link-zero-day-surfaces-as-cisa-warns-other-flaws-are-exploited%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/ihtOpxwx8zzuJNIkL7LCWd-fkwjIebv_P2XsC2RUo5o=421">
<span>
<strong>New TP-Link Zero-Day Surfaces As CISA Warns Other Flaws are Exploited (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
TP-Link has confirmed the existence of an unpatched zero-day vulnerability impacting multiple routers. The vulnerability was discovered by a security researcher who stated that it is caused by a stack buffer overflow in the CPE WAN Management Protocol (CWMP). An attacker could exploit it by redirecting vulnerable devices to a malicious CWMP server, which could deliver an oversized SOAP payload, leading to remote code execution.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4050956%2Fmalicious-npm-packages-use-ethereum-blockchain-for-malware-delivery.html%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/6igfVvvTjsccu-al6IXPJ2I7YfbpF6Gi6p0_MXfh5EE=421">
<span>
<strong>Malicious npm packages use Ethereum blockchain for malware delivery (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers deployed fake GitHub repositories and npm packages that stored malware download URLs in Ethereum smart contracts rather than directly in the code, making detection significantly harder for security tools. The campaign targeted cryptocurrency developers with fake automated trading bots, using packages like colortoolsv2 and mimelib2 that connected to blockchain addresses to retrieve second-stage payloads. The attackers automated thousands of fake commits daily to inflate repository legitimacy, demonstrating sophisticated supply chain attack techniques that combine social engineering with blockchain-based evasion.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.trailofbits.com%2F2025%2F09%2F03%2Fsubverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/SwYwb_dPHgphPUBHuaWk9Ht7kG60kua56Mn9DV9sea0=421">
<span>
<strong>Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A new vulnerability in popular Electron-based apps like Signal, 1Password, and Slack allows attackers to get around code integrity checks by hiding backdoors in overlooked V8 heap snapshot files. Electron's integrity protections often miss these files, meaning backdoors can be inserted without failing code signatures or integrity checks, especially when apps are installed in user-writable folders. This post shows a proof of concept to demonstrate keylogging and privilege escalation with the exploit, showing that even patched applications may have missed attack surfaces.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fblog%2F2025%2Ffinding-more-zero-days-through-variant-analysis%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/mQ2ZwBfH6vDGVBZ3WkHKd9fKDmVnKjrivUyjd4Y2r18=421">
<span>
<strong>Finding More Zero Days Through Variant Analysis (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Variant analysis helps identify new vulnerabilities that resemble previously found ones, often caused by incomplete fixes, regressions, or similar code paths in large applications. By combining CVEs with patch history, we can understand how specific vulnerabilities arose and use that knowledge to create Semgrep rules for spotting new issues. This post provides a practical example of finding a vulnerability in the Expat C library through variant analysis of an existing CVE.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftryhackme.com%2Fthreat-hunting-sim%3Futm_source=TLDR%26utm_medium=affiliates%26utm_campaign=TLDR_Newsletter_5Sept25/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/XQT6yDlspKcVaF6yBjp15SfFre7FJe9nCBsGijhbWJU=421">
<span>
<strong>Keep your SOC team attack-ready with the Threat Hunting Simulator (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Most SOC teams focus on reactive work but aren't actively looking for threat actors that have bypassed their security controls. TryHackMe's <strong>Threat Hunting Simulator</strong> gives analysts <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftryhackme.com%2Fthreat-hunting-sim%3Futm_source=TLDR%26utm_medium=affiliates%26utm_campaign=TLDR_Newsletter_5Sept25/2/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/VbjT3JKnDosgDfkgXg8H8sGFwYBD_LTwUXSpCv97bsg=421" rel="noopener noreferrer nofollow" target="_blank"><span>a safe, repeatable environment to practice spotting adversary behaviours</span></a>. Gamified hunts and instant feedback enable teams to sharpen detection rules and response playbooks, without the overhead of building internal labs. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftryhackme.com%2Fthreat-hunting-sim%3Futm_source=TLDR%26utm_medium=affiliates%26utm_campaign=TLDR_Newsletter_5Sept25/3/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/hYeJZhO5UbP0S954kKESFb8kCLx2ffQLzO1aw3RC9O0=421" rel="noopener noreferrer nofollow" target="_blank"><span>Start free</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Famberchalia%2Ffraction_loader%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/K6MRfcPOKNirPNIl843y2mSO0pxynJn8h3CKjxVSoLQ=421">
<span>
<strong>Fraction Loader: In-Memory Loader Project (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Fraction Loader is an educational malware project that creates a stealthy in-memory loader capable of downloading, reassembling, and executing payload fragments without touching disk. It uses Windows APIs like VirtualAlloc and WinHTTP to handle encrypted payload chunks, parse headers for order, and reassemble them into executable memory with suitable permissions. While meant for penetration testers and security researchers to learn evasion techniques, it functions as a weaponized dropper that can bypass file-based detection and pose a threat to InfoSec professionals monitoring for in-memory attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.tidalcyber.com%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/grD1mE_VND3RV5UZrFMXAdJWl4DtZ_vU17u7LsdOm8Y=421">
<span>
<strong>Tidal Cyber (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Tidal Cyber maps tactics, techniques, procedures, and procedural-level insights to MITRE ATT&CK to tailor security strategies around adversary groups and their behavior for threat-led defenses.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FMixeway%2FFlow%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/MS012HQnFP8OKAoEaytrdgdkOBwluKS4b2uttoNIrdg=421">
<span>
<strong>Flow (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Mixeway Flow is a DevSecOps platform that automatically performs four security scans (SAST, SCA, IaC, and secret detection) on Git repositories through webhook integration. It aggregates vulnerabilities from various open-source scanning tools such as Bearer, OWASP Dependency Track, KICS, and Gitleaks into a single dashboard for streamlined security management. The platform simplifies CI/CD pipeline setup and offers thorough application security testing across code, dependencies, infrastructure, and credential exposure.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fstreameast-the-largest-pirated-sports-platform-disrupted-by-police%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/TJT5VxdYLh3la7cO4Ga6VUXh7o66pC-QLlB0cZI9eTI=421">
<span>
<strong>Police disrupts Streameast, largest pirated sports streaming network (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Egyptian authorities and the Alliance for Creativity and Entertainment (ACE) shut down Streameast, the world's largest illegal sports streaming platform that received 136 million monthly visits across 80 domains, arresting two suspects and seizing assets linked to $6.2 million in laundered advertising revenue.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theverge.com%2Fnews%2F771540%2Fgoogle-class-action-verdict-user-privacy-tracking%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/LzddBzyb5Yd_3qi-IqAzeBPfEq5ac6qeJ8vm5Uwpa1Y=421">
<span>
<strong>Jury orders Google to pay $425 million for violating user privacy (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A California jury found Google liable for collecting user data even after tracking was disabled, resulting in a $425 million penalty. The class action lawsuit covered 98 million users and claimed Google continued to gather app activity despite settings meant to protect privacy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F09%2F04%2Ffrance_google_shein_cookie_fines%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/8kT2FTm0T9avsoyqPrqQM3KUciKNZVyJdW5X5M4PrR0=421">
<span>
<strong>France fines Google, SHEIN for undercooked cookie policies that led to crummy privacy (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
France's data authority fined Google β¬325M and SHEIN β¬150M for using cookies without user consent and breaching privacy laws. Google was also penalized for showing ads in Gmail based on those cookies. Meanwhile, SHEIN's opt-out failed as cookies were still sent even when users clicked βReject All.β
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdatabreaches.net%2F2025%2F09%2F03%2Ftexas-sues-powerschool-over-breach-compromising-info-of-over-880000-students-teachers%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/MseEwq72hv-oppr5hccFOv8jRTaBUG2cTXOZf0l8Z-k=421">
<span>
<strong>Texas sues PowerSchool over breach compromising info of over 880,000 students, teachers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Texas Attorney General Ken Paxton filed suit against education software provider PowerSchool for a December 2024 data breach that exposed personal information of more than 880,000 Texas students and teachers, alleging the company failed to implement adequate security measures despite knowing about vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fdisney-to-pay-10m-to-settle-claims-it-collected-kids-data-on-youtube%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/kaYa8D0C5shqgwGQZ3VfebuVgimvmpusr03ws9t2OKg=421">
<span>
<strong>Disney to pay $10M to settle claims it collected kids' data on YouTube (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Disney agreed to pay $10 million to settle FTC claims that it mislabeled child-directed YouTube videos as "Not Made for Kids," which enabled unlawful collection of children's personal data and targeted advertising without parental consent in violation of COPPA regulations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.theregister.com%2Ffeed%2Fwww.theregister.com%2F2025%2F09%2F03%2Ffreebsd_project_update_no_ai%2F%3Futm_source=tldrinfosec/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/kjouGmpWMF6FiWPlwsya2vmU8dMko1estdZ8BriodP4=421">
<span>
<strong>FreeBSD Project isn't ready to let AI commit code just yet (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The FreeBSD Project is developing a policy to restrict LLM-generated code contributions due to licensing concerns, though AI may still be allowed for documentation, translations, and code analysis tasks.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/c75kq1u7OaWXM2OZzZ4j7KisNUDG_nai6j4w7zlR8S8=421" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/c0cC3ZnKMiOHkZWN0VxGEfveXJQNgubcASRZtMI9ZrA=421" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/10UEqYwm6bFZ7Qqmj0QjNfWtQ0arWNp9DqBjBqTf4MM=421"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/USMcK22KwHmspSKGcxdyoPvT5FTgkMj5dePgtvlA2BE=421" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them!
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/F6n6N4jcyDm3GEpYPsK9zPzUGIP94Zfu8pNTlQAQ7Jc=421"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/3FItDJ3yK_TMBId3G49Tu4ywoyoQMPoaKSa1PHOpYpM=421"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/9bE90X1VlswCiZejcaNfmmAdEcyitRdZn35IsjHuoJI=421"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/_W50wxDEL0tPyqXiPtjC28bQXiCVneOLKAtYa5QqYZo=421">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=0e708bd8-8a19-11f0-89eb-5da9798e717c%26pt=campaign%26pv=4%26spa=1757077264%26t=1757077564%26s=913e6eed8243b7619c97527611e478b2a488cda6530af40cca807a53b319472e/1/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/OfAsvX79zpBBNoKIiI_cFxAGD1u4Aso6cTiM18ypqgo=421">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019919fbec30-669eab03-28b4-4ad2-8ef6-67934c21b5f4-000000/L3aylZeXLbGzaa4WQa5ud69-EHVwno1JLOm5SmtJORk=421" style="display: none; width: 1px; height: 1px;">
</body></html>