<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Plex disclosed a breach exposing user data, including usernames, emails, scrambled passwords, and some auth data. The passwords are unreadable β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/2pkNk9wA_qS8zieyTg08CnNV2OgtcFXRy3LeLXNJMpA=422" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/k4NQ-Ilu8EYnkJGCpnBv9fzIubTmFfXAeCUisTHd4KU=422" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=8d72b65a-8e23-11f0-a668-632de24eb959%26pt=campaign%26t=1757509598%26s=1cfa39ca63abc4f902b2841812c5b6ae0526813460a622852c8baf0e8440d259/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/m03vUdQGiWb8HBhu1r5FN31PF1IRJWv13ZhBk0fg2M4=422"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q3_25%26utm_content=storage_control%26utm_term=newsletter/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/EvJQ6m40V93bTjIYrXf5TnsvcESOZBDESh_vHDdGgMs=422"><img src="https://images.tldr.tech/threatlocker2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Threatlocker"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-09-10</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q3_25%26utm_content=storage_control%26utm_term=newsletter/2/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/qQjnEa2I5Y4pRGoENpkmkSpds4Mn0SLrZstqh8l0bE0=422">
<span>
<strong>USB drives are still a problem - but they're not your only data exfiltration risk (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
While most organizations focus on blocking USB devices, attackers and insiders can just as easily steal data through network shares, cloud storage, or even local folder access. You need visibility and control over ALL storage access points.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q3_25%26utm_content=storage_control%26utm_term=newsletter/3/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/PZB7WKFV2UymFxbCj_IeSLxSXv9Vzta4QGNUk-rheIg=422" rel="noopener noreferrer nofollow" target="_blank"><span>ThreatLocker Storage Control</span></a> provides <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q3_25%26utm_content=storage_control%26utm_term=newsletter/4/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/i-N8pR64MN5v8g79goADaYk9D29g03_EA2BKxPt1Z5w=422" rel="noopener noreferrer nofollow" target="_blank"><span>granular policies across every storage type</span></a> - from USB drives to network shares to local folders. Set policies as simple as "block all USBs" or as detailed as "only allow backup apps to access the backup share."</p>
<p>β‘ Unified audit logs every file access with device serial numbers</p>
<p>β‘ 60-second approval workflow for storage access requests</p>
<p>β‘ Granular policies by user, time, application, and device type</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q3_25%26utm_content=storage_control%26utm_term=newsletter/5/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/EfiDn3rkj6xP40CVrrKRF6vC8_n4SXRRczQMnpdqDj0=422" rel="noopener noreferrer nofollow" target="_blank"><span><strong>See Storage Control in action</strong></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F09%2F09%2Fplex-urges-users-to-change-passwords-after-data-breach%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/cGX1xGbme467_PzZ7nYDcjcD2hMGqWnj8MGlE4qs5V0=422">
<span>
<strong>Plex urges users to change passwords after data breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Plex disclosed a breach exposing user data, including usernames, emails, scrambled passwords, and some auth data. Though the passwords are unreadable, Plex urges users to reset and sign out of connected devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F09%2F09%2Fgym_audio_recordings_exposed%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/rb_EjgQEZFufogAzmrSuHVPVjEdLgxul3iOaRYReYHk=422">
<span>
<strong>No gains, just pains as 1.6M fitness phone call recordings exposed online (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security researcher Jeremiah Fowler uncovered an unprotected HelloGym database with 1.6 million audio recordings from major gym franchises, exposing customer and staff names, phone numbers, and sensitive conversations. Risks include voice cloning, deepfakes, and social engineering.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2F160000-impacted-by-wayne-memorial-hospital-data-breach%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/pWxcVpgSF9BVcE4dZQ5Ain8VQmh-LwKVvCyNlJUXJ7w=422">
<span>
<strong>160,000 Impacted by Wayne Memorial Hospital Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Over 160,000 people had personal and medical data stolen in a ransomware attack on Wayne Memorial Hospital in May 2024. Hackers accessed sensitive personal, health, and financial information. The hospital responded quickly, restored systems, and offered affected individuals free credit monitoring.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F182014%2Fmalware%2Flunalock-ransomware-threatens-victims-by-feeding-stolen-data-to-ai-models.html%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/jduPUB2_P8ZleY8rxKmuXNjSslb1DvK9U52MU1kuv4M=422">
<span>
<strong>LunaLock Ransomware threatens victims by feeding stolen data to AI models (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
LunaLock, a new ransomware group, has threatened to submit stolen artwork from the Artists&Clients website to AI companies for training datasets if its $50,000 ransom demand isn't met. This approach, a unique extortion technique, represents a dangerous precedent as it compromises victims' intellectual property permanently by incorporating stolen data into AI models, unlike traditional dark web leaks that may fade over time. The attack targets artists who are already vulnerable to AI data scraping by companies like OpenAI and Google.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbinarysecurity.no%2Fposts%2F2025%2F08%2Fsecuring-gh-actions-part1%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/0YkwpREz3WxA9spltjypc1EPz8odsT9LvzajvqX26dg=422">
<span>
<strong>GitHub Actions: A Cloudy Day for Security - Part 1 (16 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security challenges in GitHub Actions can affect even trusted teams, as attackers may exploit workflows or inject malicious code. Using branch protection, pull request approvals, environment variable management, and safeguards like the βfour-eyesβ principle reduces risks. Regular reviews and testing further strengthen CI/CD pipeline security.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurity.apple.com%2Fblog%2Fmemory-integrity-enforcement%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/5otGouNAYSODlpNGTo0S_bD8Xfj10cdJ1rLlUsApUho=422">
<span>
<strong>Memory Integrity Enforcement: A complete vision for memory safety in Apple devices (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple's Memory Integrity Enforcement (MIE), introduced in the iPhone 17 and iPhone Air, combines secure memory allocators with Enhanced Memory Tagging Extension (EMTE) hardware to provide continuous memory safety against advanced spyware exploiting memory corruption. It uses hardware-enforced memory tagging to prevent buffer overflows and use-after-free attacks by assigning secret tags to memory and terminating processes when tags are incorrect. Tag Confidentiality Enforcement also defends against side-channel attacks, including Spectre V1 mitigations. Apple's tests show MIE defeats all recent real-world exploits, forcing attackers to restart development with new techniques and making memory corruption exploits more difficult and costly.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzenity.io%2Fresources%2Fevents%2Fai-agent-security-summit-2025%3Futm_source=referral%26utm_medium=event%26utm_campaign=Q3_2025_aiagentsummit-reg%26utm_content=tldr-infosec-secondary/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/Ii-C4Zgj0b9gWLq7um-gtPnYTeFWbKPrDfScnk8gpwc=422">
<span>
<strong>Nearly every major AI agent is exposed to 0click exploits (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
From hijacked ChatGPT sessions to leaked Copilot data and rerouted Salesforce comms β real attacks show why exploring these issues are so critical. Join the AI Agent Security Summit to delve deeper. Built from 100+ community submissions, it brings together top researchers and security experts to share defenses that keep agents secure.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzenity.io%2Fresources%2Fevents%2Fai-agent-security-summit-2025%3Futm_source=referral%26utm_medium=event%26utm_campaign=Q3_2025_aiagentsummit-reg%26utm_content=tldr-infosec-secondary/2/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/5yc6-C-NUV8pjTe0SC4zCx_vRESmjVyAbtuOXYtHq-4=422" rel="noopener noreferrer nofollow" target="_blank"><span>π Register now (San Francisco | Oct 8)</span></a></p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzenity.io%2Fresearch%2Fagentflayer-vulnerabilities%3Futm_source=referral%26utm_medium=sponsored%26utm_campaign=Q3-2025-TLDR-Infosec-Newsletter%26utm_content=secondary/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/7PQYKTIRnrOTp7YZUT1JIBondpczXmHPWaPFNkNag8w=422" rel="noopener noreferrer nofollow" target="_blank"><span>π Read Zenity Labs' AgentFlayer 0click Exploit research<br></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fpoppopjmp%2FVMDragonSlayer%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/GYHXxOPz1qaZSgUQnWLosjAFSJQci1NR0QtT5AnDtd4=422">
<span>
<strong>VMDragonSlayer (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
VMDragonSlayer is a framework for analyzing binaries protected by VM-based protectors like VMProtect 2.x/3.x, Themida, and custom malware VMs. It combines Dynamic Taint Tracking, Symbolic Execution, Pattern Classification, and Machine Learning to automate reverse engineering.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsola.security%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/BI6icOx_N0Y5RWfOrYdsjDK19yxyHFIMBuxugd6wdJ0=422">
<span>
<strong>Sola Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Sola Security has built an AI-powered no-code security platform that can design, customize, and deploy security tools in minutes.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FAzure%2Fdalec%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/1is8jFnSEXjwrBvyGFQO6tDv5-873R5qohoGZaPTuQs=422">
<span>
<strong>Dalec (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Dalec provides a declarative format for building system packages and containers from those packages. It is designed for building containers for Azure and supports Azure Linux 2 and 3 and Windows containers.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fredhuntlabs.com%2Fblog%2Fai-powered-celebrity-impersonation-scams-a-threat-intelligence-report-by-redhunt-labs%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/CXijPV3gQaqWT8VYxWHuzunBrOAN2P-1EdOJPcNaLbs=422">
<span>
<strong>AI-Powered Celebrity Impersonation Scams: A Threat Intelligence Report by RedHunt Labs (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
RedHunt Labs discovered a complex AI-driven investment scam targeting Indian users through Facebook and Instagram ads featuring deepfake videos of celebrities like Nirmala Sitharaman, Sadhguru, and Neha Kakkar promoting fake investment platforms. Victims lost an average of over βΉ50,000. The scammers use deepfake technology to create convincing fake interviews and endorsements, bypassing Facebook's ad review system through short-lived campaigns and fake Amazon links. They redirect victims to counterfeit news websites impersonating major Indian media outlets like NDTV and India Today. The campaign involves a network of over 1,000 interconnected fraudulent websites and uses multiple payment methods, including UPI transfers and international bank accounts. It has expanded beyond social media to include compromised websites, fake Medium blog posts, and SEO manipulation to reach victims across multiple platforms.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftherecord.media%2Fnepal-social-media-ban-protests%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/enpBW-8yZjljptqe-JKUFV3PbgkKAii32oyv1bOYb5I=422">
<span>
<strong>Nepal social media ban sparks protests, dozens injured (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
At least 14 people were killed and dozens injured in Nepal after police clashed with "Gen Z protesters" demonstrating against the government's ban on 26 major social media platforms, including Facebook, Instagram, WhatsApp, Signal, YouTube, and X. The restrictions were imposed after foreign tech companies failed to register locally under new regulations, citing concerns about cybercriminals spreading disinformation with fake accounts and unregistered platforms. Rights groups condemned both the ban and the police force, calling the restrictions a "dangerous precedent for press freedom" that could harm Nepal's business and tourism sectors, heavily reliant on social media.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fsoutheast-asia-scam-hubs-sanctions%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/1TxeujoIU5wERrRDXGqFp2JgilTLlm22z8kA_SP4TJo=422">
<span>
<strong>Treasury Department targets Southeast Asia scam hubs with sanctions (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The U.S. Treasury Department sanctioned 19 individuals and organizations operating cyberscam hubs in Burma and Cambodia, responding to Americans losing at least $10 billion to Southeast Asian scam operations in 2024βa 66% increase from the previous year. The sanctions target notorious hubs like Shwe Kokko, Burma, where criminal organizations use debt bondage, violence, and threats of forced prostitution to coerce workers into conducting virtual currency investment scams and other online fraud against victims worldwide. The action aims to disrupt industrial-scale fraud operations that not only threaten Americans' financial security but also subject thousands of people to modern slavery conditions in forced labor compounds.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://www.intruder.io/research/broken-authorization-apis-autoswagger?utm_source=tldrinfosec&utm_medium=p_referral&utm_campaign=global|fixed|autoswagger_10_09_25" ses:tags="linkId:f83d0bb63bcfe469b34af509ee734432;">
<span>
<strong>Authorization vulnerabilities in public APIs are shockingly common (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Intruder ran its Autoswagger tool against targets from several large bug bounty programs - and came back with exposed credentials in APIs offered by Microsoft and other massive companies. <a href="https://www.intruder.io/research/broken-authorization-apis-autoswagger?utm_source=tldrinfosec&utm_medium=p_referral&utm_campaign=global|fixed|autoswagger_10_09_25" ses:tags="linkId:f83d0bb63bcfe469b34af509ee734432;" rel="noopener noreferrer nofollow" target="_blank"><span>See the examples and get the tool</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.theregister.com%2Ffeed%2Fwww.theregister.com%2F2025%2F09%2F08%2Fmicrosoft_copilot_ssms%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/CxuiY7Lfa0l4hO0HCu58Ot1tLjvpSB9O0_hF6AjK-r8=422">
<span>
<strong>Microsoft hits pause on Copilot ... in SQL Server Management Studio (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft temporarily removed Copilot functionality from SQL Server Management Studio (SSMS) 22 Preview 1 after 75% of survey respondents preferred GitHub Copilot integration over the current implementation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F181984%2Fsecurity%2Fvenezuelas-president-maduro-said-his-huawei-mate-x6-cannot-be-hacked-by-us-cyber-spies.html%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/4mnSvcqLaHtn2amgaZvqoJHOVijAUFuSBi4bYOjSxQs=422">
<span>
<strong>Venezuela's President Maduro said his Huawei Mate X6 cannot be hacked by US cyber spies (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Venezuelan President NicolΓ‘s Maduro claimed his Huawei Mate X6 smartphone, reportedly gifted by China's Xi Jinping, is "the best phone in the world" and cannot be hacked by US cyber spies, despite cybersecurity experts noting that well-resourced nation-state actors can compromise any device and that HarmonyOS may contain undiscovered vulnerabilities due to limited global scrutiny.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fkosovo-hacker-pleads-guilty-to-running-blackdb-cybercrime-marketplace%2F%3Futm_source=tldrinfosec/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/pt6WF4fRujgT8jUvCz2VLFW0fT8D34uOfAwlu6z4Hss=422">
<span>
<strong>Kosovo hacker pleads guilty to running BlackDB cybercrime marketplace (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Kosovo national Liridon Masurica, also known as "@blackdb," pleaded guilty to conspiracy to commit access device fraud for operating the BlackDB.cc cybercrime marketplace from 2018 to 2025.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/czUD0ZAQp-IqezJcMuM2evmT2CDMuAlCxo_FhCPVPWk=422" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/Gk7sVRLH6BuPdrDHsPiW0pJEolGNzVhkXw4N6gsCQaE=422" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/eeFDXaBgCkucwdwsXeafvMLstS4qSv50RJdm9pbD71g=422"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/JPLy1ADwbTcgZNUegUR0sl5NPIZ4q9VQUYZoUB2rKmg=422" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them!
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/zoOmmj-8eCuFuNJNLpERqVS7_14nw7LvkeywgrDMWgM=422"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/WzZiv_owZAYkhJjl20O6fiFGUNUJgCKn2zPrS_09eww=422"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/Us5rIzBJ_C6ZT8Ut4U6ytgzwQkksFAEbUCSGFDHLDpo=422"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/pjHEfKZ3zVAopuH9oRIszG-jU1dnBf_jIB4YGC6w_t4=422">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=8d72b65a-8e23-11f0-a668-632de24eb959%26pt=campaign%26pv=4%26spa=1757509292%26t=1757509598%26s=29312ee47503cdd6f8eb9f365de0d3d9fc7a0e3e18ae0949b14c2809dc94e8d1/1/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/-Zvaj4apR_iCN413quNaH5-uH1R9q7l5k2UJBPXhziQ=422">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019933bc3ce5-125dbcac-972b-4a9b-8770-b5de731e2eb4-000000/ksFj1tcrjKG85evNoLWawHUVGNSaAjJ5_1JPbs3w7rw=422" style="display: none; width: 1px; height: 1px;">
</body></html>