<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-06</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/2/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/97ElDpBXyr1t0QV-WDHnwVmo7OK6cTRqb7XGReUhMfM=439">
<span>
<strong>The Dark Side of AI: 2.6MM Underground Messages Analyzed (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Flashpoint just released a massive study of the AI threat landscape. Analysts monitored over <strong>2.6 Million AI-related posts</strong> across Telegram, the dark web, and underground LLM forums.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/3/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/pZek0lw-Ksr0f1pdDXshPCC-n0J3jsUGI-gCeJ064Rk=439" rel="noopener noreferrer nofollow" target="_blank"><span>The findings are a wake-up call</span></a>. Threat actors are no longer just "experimenting"; they are deploying:</p>
<ul>
<li><strong>Deepfake-as-a-Service</strong> for sophisticated social engineering.</li>
<li><strong>Multilingual phishing kits</strong> that erase language barriers.</li>
<li><strong>Fraud-GPTs:</strong> Custom LLMs fine-tuned specifically for malicious activity.</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/4/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/zv-v0z0psE4asr8obnj7F5x-OA1OBBcwWHdNXZJu9yY=439" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Get the Free Guide </strong></span></a>to learn how to stop AI-powered attacks.</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks &amp; Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fus-broadband-provider-brightspeed-investigates-breach-claims%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/I4xmLmP0LGQ2AkNzivhMU8VZgQaPUsCTP5dHSqRZ8uw=439">
<span>
<strong>US broadband provider Brightspeed investigates breach claims (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Brightspeed, a major fiber broadband provider in the US, is probing claims by the Crimson Collective extortion gang that it stole data on over 1 million customers, including PII, account information, and limited payment details. The company has confirmed an ongoing cybersecurity investigation and promises updates to customers, employees, and authorities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fsedgwick-confirms-cyberattack-on-government-subsidiary%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/WRBjeJMk-b8MwfMJ3M2dxvvsQR6q6Cp4KSe_4i0PCPU=439">
<span>
<strong>Sedgwick Confirms Cyberattack on Government Subsidiary (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Sedgwick says a ransomware-linked cyberattack hit an isolated file transfer system at its Sedgwick Government Solutions unit, which serves US agencies such as DHS and CISA. The firm reports no evidence of access to claims management servers or broader network impact and continues operations while law enforcement and clients are notified.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fvscode-ide-forks-expose-users-to-recommended-extension-attacks%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/PKvQTjy857vjkbK7Tv9nA2tRIS3mrllyVcFhQgRYFHw=439">
<span>
<strong>VSCode IDE Forks Expose Users to “Recommended Extension” Attacks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AI-powered IDEs such as Cursor and Windsurf have been exposing users to additional risk by recommending extensions that do not exist in the OpenVSX registry. These IDEs are forked from Microsoft VSCode but cannot use extensions from the official store; they are instead supported by OpenVSX. Researchers from Koi discovered several recommended extensions that are not available in the OpenVSX marketplace, leaving their namespaces open for attackers to claim and use to deliver malicious extensions.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies &amp; Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4108270%2Fcybersecurity-skills-matter-more-than-headcount-in-the-ai-era.html%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/3LoYJshSBA9extDOTsZ8n8lvuLtpFvcfwYbiKH_9Z-Y=439">
<span>
<strong>Cybersecurity skills matter more than headcount in the AI era (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
ISC2's 2025 Cybersecurity Workforce Study revealed that skills gaps have overtaken headcount as the primary concern, with 95% of 16,029 surveyed professionals reporting at least one skill need and 59% citing critical or significant gaps, increases of 5% and 15% respectively from 2024. Nearly 90% of respondents experienced at least one significant cybersecurity event due to skills shortages, while AI adoption accelerated rapidly, with 28% already integrating AI tools and 69% actively involved in adoption. AI and cloud security were identified as the top critical skills needs at 41% and 36%. Organizations should prioritize capability development over headcount expansion through sustained AI upskilling investments and realistic workload management, as 48% of professionals feel exhausted staying current with threats, while 75% plan to remain with their current employer for one year, but only 66% for two years.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkrebsonsecurity.com%2F2026%2F01%2Fthe-kimwolf-botnet-is-stalking-your-local-network%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/cp865dM7tfFY_B_l00zTnwaVi-dLhSZDoTa7YPFxRUw=439">
<span>
<strong>The Kimwolf Botnet is Stalking Your Local Network (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Kimwolf botnet infected over 2 million devices worldwide by using residential proxy networks (mainly IPIDEA) to bypass firewalls and directly access devices on internal networks. Two-thirds of these infections came from unsanctioned Android TV boxes sold on major e-commerce platforms, which ship with Android Debug Bridge mode enabled by default. RIT researcher Benjamin Brundage found that attackers exploited a vulnerability allowing DNS records to point to RFC-1918 internal addresses, bypassing domain restrictions and deploying malware on devices behind routers once thought to be secure. In response, IPIDEA released security patches to block internal network access and high-risk ports after receiving Brundage's December 2025 vulnerability report. Users should remove vulnerable Android TV boxes, set up guest Wi-Fi for visitors, and understand that traditional LAN security measures are now dangerously outdated.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdeceptiq.com%2Fblog%2Fntuser-man-registry-persistence%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/afw7j6IBNoZLSd4yX2XOmOOoQFaSwmrrCkF2pvAhkKs=439">
<span>
<strong>Registry Writes Without Registry Callbacks (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Windows supports mandatory user profiles using an NTUSER.MAN hive file, which, when present in a user's profile, completely replaces the normal NTUSER.DAT hive for HKEY_CURRENT_USER during logon. By crafting and dropping a modified NTUSER.MAN that includes persistence keys, an attacker can ensure those keys are loaded into the user's registry hive without using standard registry APIs, thereby sidestepping EDR products that rely on CmRegisterCallbackEx telemetry. This technique only requires medium-integrity access, works well with roaming or AD-based mandatory profiles, and is primarily detectable through filesystem events and unusual .MAN files or profilePath changes rather than registry logs.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches &amp; Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fdis0rder0x00%2FDbgNexum%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/SO9TaRuu_8Z75UxG9ltJQ8579jLpCKw1vxXiQPJfTm8=439">
<span>
<strong>DbgNexum (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
DbgNexum is a Proof-of-Concept for injecting shellcode using the Windows Debugging API and Shared Memory (File Mapping). It avoids writing and reading remote memory directly, instead using context manipulation to force the target process to load and execute the payload itself.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.scalekit.com%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/AdraNkxfECqU9h6zhAz3M2vH2Zz9Kliff4DgBI1h8_w=439">
<span>
<strong>Scalekit (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Scalekit provides a modular authentication stack for AI and SaaS apps, securing AI agents and human users with OAuth 2.1, token vaults, and secure tool-calling so agents can safely act in external apps like Gmail, Slack, and Notion.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fqeeqbox%2Fsocial-analyzer%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/d7enivkdwMxMZdvWuiyFp623HR_6j0C7lE0L3iQRf6Y=439">
<span>
<strong>Social Analyzer (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Social Analyzer is an API, CLI, and Web App for analyzing and finding a person's profile across over 1,000 social media/websites. It includes different analysis and detection modules, and you can choose which modules to use during the investigation process.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Ftransparent-tribe-launches-new-rat.html%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/mlhqpeL3Q8-UvPoCIEZgukLiZfseRXyVGuIq0EmsDY4=439">
<span>
<strong>Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Transparent Tribe (APT36) deployed remote access trojans against Indian governmental, academic, and strategic entities through spear-phishing emails containing weaponized LNK files disguised as PDFs that execute remote HTA scripts via mshta.exe to deliver the final RAT payload. The malware employs adaptive persistence mechanisms based on detected antivirus solutions, with the deployed DLL supporting remote system control, file management, data exfiltration, screenshot capture, and clipboard manipulation capabilities. The campaign demonstrates Transparent Tribe's continuous toolkit evolution, with related activity linking the group to Patchwork APT and the new StreamSpy trojan that uses WebSocket channels for C2 communication to evade HTTP traffic detection.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F05%2Fhacktivist-deletes-white-supremacist-websites-live-on-stage-during-hacker-conference%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/INIP_nOrAYayS-SrC8W8_JOBrv6msyoQ6JhKP__imBE=439">
<span>
<strong>Hacktivist deletes white supremacist websites live onstage during hacker conference (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
At the Chaos Communication Congress in Hamburg, hacktivist Martha Root live-deleted three white supremacist platforms - WhiteDate, WhiteChild, and WhiteDeal - after infiltrating them using AI chatbots that passed their racist verification checks. The stunt wiped the sites' servers, exposed serious security lapses and user data patterns, and sparked debate as the outraged administrator decried “cyberterrorism” while activists framed the action as a direct anti-racist intervention.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Framimac.me%2Fsecurity-vendor-research-sins%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/7jmEZWfSpdZ0GOou8KzHfY8thDBdVZ-1ubHnZAKPiqE=439">
<span>
<strong>The Sins of Security Vendor Research (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security vendors often provide valuable research, but they also commit “sins” that diminish its value. They often emphasize fear, uncertainty, and doubt by overdramatizing a risk and then suggesting that their product is the only solution, or ignore prior research to imply a false sense of novelty for their product. Other research sins include statistical ones, such as inferring causation from mere correlation, and allowing marketing to pollute the research.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffinnish-detain-crew-undersea-internet-cable%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/5iLzCcY2inwVIrvMOkCtl1z4nAGxHily6mh3wM7-yPc=439">
<span>
<strong>Finnish Authorities Detain Crew After Undersea Internet Cable Severed (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Finnish authorities detained the cargo ship Fitburg and arrested two crew members after undersea cables connecting Finland and Estonia were severed on New Year's Eve.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fpresident-trump-orders-divestment-in-2-9-million-chips-deal-to-protect-us-security-interests%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/O3f_ZwiVa829KYyUezy3X6EaiRksoh-j0QGZ_fpiq58=439">
<span>
<strong>President Trump Orders Divestment in $2.9 Million Chips Deal to Protect US Security Interests (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
President Trump has ordered HieFo Corp. to divest aerospace and defense chip technology acquired from Emcore Corp. for $2.9 million within 180 days.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F05%2Fnz_managemyhealth_breach_review%2F%3Futm_source=tldrinfosec/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/b560BLjeVNsxjf60NrQKZDWdDlbedauGqOAQEZK6jGc=439">
<span>
<strong>New Zealand orders review into ManageMyHealth cyberattack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
New Zealand's health minister has ordered a formal review into the ManageMyHealth cyberattack, which potentially exposed highly sensitive medical data for more than 100,000 patients.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/Lhq6TrafhokLH1lU8bYX04XRhX_W61fobdSrE4fglPE=439"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/yyDRjxJh1JLyXBGv5daR3SU7qW6EXR4DiMfEjFx8Zqc=439"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b93a2d15b-917b9fda-0099-4bb9-a2a5-b2778ef84614-000000/1ap00oXNCX98aBddDoN5dX-9PnAZaTmHYNiM_JJm6F0=439"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>