<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-05</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4112265%2Fcritical-vulnerability-in-ibm-api-connect-could-allow-authentication-bypass-2.html%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/k7RYY6nIiLtfT_ZF939ecSzwLFWQEvrp_DI1q34Uq_w=438">
<span>
<strong>Critical vulnerability in IBM API Connect could allow authentication bypass (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
IBM has disclosed CVE-2025-13915, a critical authentication bypass vulnerability with a CVSS score of 9.8 affecting API Connect versions 10.0.8.0 through 10.0.8.5 and 10.0.11.0, that allows remote attackers to gain unauthorized access without user interaction. The flaw, classified as CWE-305, breaks the architectural assumption that API gateways enforce identity and trust, causing downstream services to inherit unvalidated trust and enabling silent exposure propagation across connected systems. Organizations should immediately apply IBM's interim fixes or disable self-service sign-up on the Developer Portal while conducting inventory assessments of API dependencies and monitoring for abnormal behavior to identify which services implicitly trust the gateway.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ftokyo-fm-data-breach-hacker-3-million-records-stolen%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/OqMLX4kPQ9UBQnJy5tNe7dGIhWqgqEB9QYkvbIi--kg=438">
<span>
<strong>Tokyo FM Data Breach: Hacker Claims Over 3 Million Records Stolen (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A threat actor using the alias "victim" claimed to have breached Tokyo FM Broadcasting Co., LTD. on January 1, allegedly exfiltrating over 3 million records containing names, email addresses, dates of birth, IP addresses, user agents, job-related information, and login IDs from multiple internal systems. The breach claims remain pending verification by security experts, though if validated, the exposed credentials and personal information pose significant risks for phishing attacks and credential stuffing. Potentially affected listeners should monitor their email for suspicious messages, implement unique passwords across services, and exercise heightened vigilance given the scope of compromised personally identifiable information.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Finsinuator.net%2F2025%2F12%2Fbluetooth-headphone-jacking-full-disclosure-of-airoha-race-vulnerabilities%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/PVm3lPwGxoEHJRlgpVxOrih9Bxg76VT2g9bh__Knd9I=438">
<span>
<strong>Bluetooth Headphone Jacking: Full Disclosure of Airoha RACE Vulnerabilities (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers discovered a series of vulnerabilities in the Airoha Bluetooth SoCs used in many true wireless earbuds, including those from Sony, Bose, and Marshall. The vulnerabilities include a lack of authentication when connecting to a device over Bluetooth Classic or BLE, and a custom protocol called RACE, implemented on the devices, that allows reading and writing RAM. An attacker could chain these vulnerabilities to impersonate a user's headphones and then issue commands via a device's virtual assistant or eavesdrop on calls.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fthe-roi-problem-in-attack-surface.html%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/FrVWNw0PcNYUeYWRgEBXcwxe1zOUXTeyTj98p0smia8=438">
<span>
<strong>The ROI Problem in Attack Surface Management (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Attack Surface Management programs struggle to demonstrate ROI because they optimize for coverage metrics like asset counts and alerts generated rather than measuring actual risk reduction, creating a gap between effort and security outcomes. Traditional ASM implementations focus on discovery inputs while teams experience alert fatigue, long backlogs of unresolved assets, ownership confusion, and exposures that persist for months without clear evidence of improved security posture. Organizations should shift to outcome-based metrics, including mean time to asset ownership, reduction in unauthenticated state-changing endpoints, and time to decommission abandoned assets. These measurements directly correlate with exposure duration and demonstrate whether the attack surface is actually shrinking over time.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F04%2Fai_agents_insider_threats_panw%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/8Up6R09DKsSNkIx9UhOaeCZlLqNtEBtW9vE6uKoyDOU=438">
<span>
<strong>Palo Alto Networks security-intel boss calls AI agents 2026's biggest insider threat (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AI agents are increasingly embedded deep within corporate systems, automating tasks such as code review, alert triage, approvals, and even financial decisions, effectively acting with human-like privileges at machine speed. This makes misconfigurations and over-permissive “superuser” access especially dangerous, because a single prompt injection or tool-misuse bug can turn an agent into a silent insider capable of approving fraudulent transactions, exfiltrating data, or deleting backups. At the same time, these tools help defenders scale, triage noise, and think more strategically, so security leaders must strike a balance: apply least-privilege access, robust monitoring, and strong controls around internal LLMs and task-specific agents to harness benefits without enabling catastrophic abuse.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbobdahacker.com%2Fblog%2Fpetlibro%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/fQBym1eg-MAlKDkChKb8y2jVVh9Mobp40seo5qwU6yQ=438">
<span>
<strong>Petlibro: Your Pet Feeder Is Feeding Data To Anyone Who Asks (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Smart pet feeders from Petlibro had several serious security flaws that allowed attackers to log in to any account via a broken social-login flow, because the backend trusted client-supplied Google IDs rather than validating OAuth tokens. Attackers could then pull detailed pet profiles, enumerate devices, hijack feeders and cameras, and even harvest owners' recorded mealtime audio messages through poorly authorized APIs. The researcher disclosed six issues, received a small bounty and a post-hoc NDA request, and criticized Petlibro for leaving the legacy authentication bypass live for weeks in the name of “compatibility” despite the risk to users and their pets.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcertgrep.sh%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/p9CsCm37WzUXP5-DcCg1ajbYFQ629zT-3bgHSwKjJ1U=438">
<span>
<strong>Certgrep (Website)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Certgrep is a Certificate Transparency Log search tool that supports searching by regular expressions and wildcards, as well as by suffix and prefix terms.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.apisec.ai%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/D7h3oeBW0pVEyflExHNG7lgIi976acytOlYSm6Hwc8g=438">
<span>
<strong>APISec.ai (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
APISec is a dynamic, AI-powered API red team that continuously scans APIs for vulnerabilities. It includes a browser extension called Bolt that dynamically discovers APIs during user browsing without requiring a MitM proxy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="http://tracking.tldrnewsletter.com/CL0/http:%2F%2Fgithub.com%2FLissy93%2Fweb-check%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/NEDdLQpgZ6jUMV_gJrGUspx38DB3NhdZKb7HqtIkvbE=438">
<span>
<strong>Web Check (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Web Check is an all-in-one OSINT tool for analyzing websites. This repository includes information for deploying the tool on Netlify or Vercel, building from source, or using Docker. A live demo is also included.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F186446%2Fcyber-crime%2Ftwo-u-s-cybersecurity-professionals-plead-guilty-in-blackcat-alphv-ransomware-case.html%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/wh5K2O1x9DsjjbomJtm0YMnPZL0OnN7GO81vWu-ocYw=438">
<span>
<strong>Two US cybersecurity professionals plead guilty in BlackCat/Alphv ransomware case (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cybersecurity professionals Ryan Goldberg (former Sygnia incident response manager) and Kevin Martin (DigitalMint ransomware negotiator) pleaded guilty to deploying BlackCat/ALPHV ransomware against multiple US victims from April to December 2023, extorting approximately $1.2M in Bitcoin from a medical device company while sharing 20% of ransoms with operators. The defendants leveraged their cybersecurity expertise to conduct attacks against five companies, with Goldberg later fleeing to Paris after learning of FBI raids on co-conspirators and both facing potential 50-year sentences. The case highlights insider threat risks and the FBI's recommendation for organizations to exercise due diligence when engaging third-party incident response providers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsubstack.com%2Finbox%2Fpost%2F183195226%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/rj-1Z1Ncj8L9GYn57uQX4qNpXfKSkNHGj7VFhvxNnQU=438">
<span>
<strong>On Apples, Oranges, and Classical ML versus LLM Security Performance (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
When classical ML-based security tools are compared against LLM-based security tools, the classical ML tools often have several advantages that skew the results. Classical ML tools are frequently trained on a portion of the dataset and then tested on the same data, whereas LLM tools are tested in a one-shot fashion. The ground truth may contain labeling errors that classical ML models replicate, and classical ML models require continuous retraining to maintain accuracy. Moving forward, we should develop security-focused foundational models to help overcome scalability issues and hallucinations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmartin.kleppmann.com%2F2025%2F12%2F08%2Fai-formal-verification.html%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/F7yArYPg8VS71YMZtDmss3sbrhetSvjAU72phTAhCZE=438">
<span>
<strong>Prediction: AI Will Make Formal Verification Go Mainstream (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Formal verification is a highly specialized and time-consuming process of mathematically validating a system's behavior. The 8,700-line seL4 microkernel required 20 person-years and 200,000 lines of code in the Isabelle proof language, underscoring why formal verification remains largely an academic discipline at present. If we instead train users to write proper specifications for formal verification, it may be possible to use LLMs to generate proofs and reduce the barrier to formal verification.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fresecurity-shinyhunters-honeypot-breach%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/hEJ5hw8FXlj6IrRCzJOBbjWziymprhVO4qtGZHrf0Kw=438">
<span>
<strong>Resecurity Says ShinyHunters Fell for Honeypot After Breach Claim (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Resecurity has refuted ShinyHunters' breach claims, revealing that the threat actor interacted with a honeypot containing synthetic employee accounts and fake infrastructure rather than production systems.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F03%2Fcalifornia-residents-can-use-new-tool-to-demand-brokers-delete-their-personal-data%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/CvTD0StHIXM-VzR3gq9PDWn_mMbk4F9QpPl_yrV1ceM=438">
<span>
<strong>California residents can use new tool to demand brokers delete their personal data (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
California's new Delete Requests and Opt-Out Platform (DROP) lets residents file a single verified request to force over 500 registered data brokers to delete their personal data and stop selling it.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fcovenant-health-data-breach-impacts-478000-individuals%2F%3Futm_source=tldrinfosec/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/ijWCm0xoqCjBvejLrrdhPuiDAok4WKb0pvNyy1row0k=438">
<span>
<strong>Covenant Health Data Breach Impacts 478,000 Individuals (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Qilin ransomware actors breached Covenant Health's systems in May 2025, exfiltrating roughly 850 GB of data, including over 1.3 million files containing names, addresses, Social Security numbers, insurance details, and treatment information for 478,188 people across multiple US states.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/NC-RjikHJDg3jdB1RKdTxMY-wa4HbKQ4-ptUWGflIfE=438"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/fnefc5Wv4Bt5KwJ27TUUtjJOgdeDTagqEsRi0J1jiQs=438"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b8e7c4296-371cb200-b2bc-4a4a-bba8-ee2a569bbec1-000000/7O7CetPzkwH6ddUI3v1lg-yRCCI9DAk-5czyZVpSikA=438"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>