<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmaterial.security%2Flp-cloud-office-security%3Futm_source=third-party%26utm_medium=email%26utm_campaign=20260108-tldr/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/hqFU_iVHOTyBzvF183pDIgBTxU3IsS--xE8TwneLzLE=439"><img src="https://images.tldr.tech/materialsecurity.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Material Security"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-08</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmaterial.security%2Flp-cloud-office-security%3Futm_source=third-party%26utm_medium=email%26utm_campaign=20260108-tldr/2/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/b4GpkNg8ikcvMCB9vZYeFcdjVblhPFieoV1HvrLwmw0=439">
<span>
<strong>Protect your entire workspace for the cost of email security (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Today's email security stops at the perimeter. Once an attacker slips past your inbound detections, they have free rein over years of sensitive emails, files, and internal comms.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmaterial.security%2Flp-cloud-office-security%3Futm_source=third-party%26utm_medium=email%26utm_campaign=20260108-tldr/3/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/ACtxgL4vke8324IQHjPriLyTVSs3TzQ02oI9595Fbko=439" rel="noopener noreferrer nofollow" target="_blank"><span>Material</span></a> protects the email, files, and accounts that live in Google Workspace and Microsoft 365, improving security outcomes and boosting efficiency for the same cost as email security alone.</p>
<p>Once deployed, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmaterial.security%2Flp-cloud-office-security%3Futm_source=third-party%26utm_medium=email%26utm_campaign=20260108-tldr/4/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/1PQF80NLk5ookQLyWb3NY5Ub0aMPcbDOFzUa37RNv8c=439" rel="noopener noreferrer nofollow" target="_blank"><span>Material</span></a> ingests all of your settings, contents, and logs and translates them into:</p>
<ul>
<li>Step-up authentication for sensitive content</li>
<li>Blast radius visualization for accounts</li>
<li>The ability to detect and respond to threats and risk across the cloud workspace.</li>
</ul>
<p>The fastest-growing companies trust Material. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmaterial.security%2Flp-cloud-office-security%3Futm_source=third-party%26utm_medium=email%26utm_campaign=20260108-tldr/5/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/oeukjkcZfvaSDO0YTKuU00g3iEuUiSodTnoDsDIds7o=439" rel="noopener noreferrer nofollow" target="_blank"><span>Book a demo to find out what Figma, Reddit, Doordash, Lyft, and many more already know.</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Factive-exploitation-hits-legacy-d-link.html%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/kIb5yvOM0inIyMRyAl_LQuRAgq7XvVgBs5Ttu8nTGlU=439">
<span>
<strong>Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CVE-2026-0625, a critical command injection vulnerability in legacy D-Link DSL routers' dnscfg.cgi endpoint, has been actively exploited in the wild since November 2025, targeting end-of-life models including DSL-2740R, DSL-2640B, DSL-2780B, and DSL-526B. The unauthenticated remote code execution flaw enables attackers to hijack DNS settings without credentials, allowing them to redirect traffic and persistently compromise all downstream devices behind the router. Organizations must immediately retire affected unpatchable devices and upgrade to actively supported models, as the vulnerability leverages the same DNS configuration mechanism used in previous large-scale DNSChanger campaigns.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.abc.net.au%2Fnews%2F2026-01-07%2Fcar-excess-insurer-prosura-hit-by-cyber-breach-customer-data%2F106204198%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/ARX98hE_8-FqogORQ6Vx4w8o39unf2PJEB7VT4-gZCM=439">
<span>
<strong>Insurer Prosura Hit by Cyber Data Breach, Customers Contacted by Threat Actor (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Australian rental car insurance provider Prosura suffered a data breach that impacted an undisclosed number of customers. The leaked data may include names, email addresses, phone numbers, country of residence, travel details, invoicing and pricing data, and policy dates. The threat actor also directly contacted impacted customers, alleging that the company has been ignoring them.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fledger-customers-impacted-by-third-party-global-e-data-breach%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/G5mLIlkR7_0zx5E_2tJYTtpt4RQqeqsvwMNZY83Zo-o=439">
<span>
<strong>Ledger Customers Impacted by Third-Party Global-e Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Ledger has informed some customers who made purchases on ledger.com that their personal data was compromised as part of a breach impacting the third-party payment processor Global-e. Ledger and Global-e have confirmed that no financial information or wallet seed phrases were leaked as part of this breach. Global-e is also notifying other impacted companies that utilize its services.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fobjective-see.org%2Fblog%2Fblog_0x84.html%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/K-vmVHA6QvtMwreZmQTGhtp2nwxytHW9vqKyJpemPC8=439">
<span>
<strong>The Mac Malware of 2025 (35 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The 2025 macOS threat landscape was characterized by a surge in sophisticated infostealers and state-sponsored backdoors that increasingly leverage "Malware-as-a-Service" models and social engineering vectors such as "ClickFix" and fake job interviews. Technical analysis reveals that attackers are bypassing Gatekeeper and static analysis by utilizing signed or notarized binaries and executing multi-stage payloads written in Go, Python, and AppleScript directly in memory. To combat these evolving threats, security professionals must move beyond static signatures to implement behavioral monitoring of process, file, and network activity while educating users on the dangers of executing terminal commands from untrusted sources.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frandywestergren.com%2Fvibe-hacking-proxying-flutter-traffic-on-android-with-claude%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/npXLfsgAqnbFwgweOmnG9L9NAgZRC3sDftR4npIASRA=439">
<span>
<strong>Vibe Hacking: Proxying Flutter Traffic on Android with Claude (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cronometer's Android app uses Flutter's own TLS stack, which ignores system proxies and bakes certificate pinning into libflutter.so, making traditional MITM approaches fail. By combining Frida on a rooted Pixel with custom hooks, it becomes possible to detect and patch Flutter's TLS verification, observe DNS lookups and socket connections, and then transparently redirect selected hosts through a proxy like mitmproxy. Injecting an HTTP CONNECT tunnel at the syscall level lets HTTPS traffic flow through the proxy without modifying the APK.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FmSI038/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/yYxiQYhG3lcNI18sMaMBlT3eh6TBMYKgTU47FR7lubQ=439">
<span>
<strong>All You Need to Know About JA3 & JA4 Fingerprints (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
JA3 and JA4 are both methods for building a client fingerprint from the TLS Client Hello. JA4 adds functionality and human readability and is harder for threat actors to change. Both fingerprints can be effective in threat hunting or monitoring.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fdiversenok%2FDiaSymbolView%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/GiO6y-YR9-PsUw27c6aHImaYNGDdI-dQPlnQIE4q7NU=439">
<span>
<strong>DiaSymbolView (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
DiaSymbolView is a tool for visually inspecting debug information recorded in .pdb files. It relies on the MSDIA API and presents a hierarchy of debug symbols and their 200+ properties.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FCISOfy%2Flynis%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/rBidp9LPErt0bZVWMRQWQqz4axvEL8gfcK62KHwMpWo=439">
<span>
<strong>Lynis (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Lynis is a security auditing tool for Linux, macOS, and UNIX-based systems. It helps with compliance testing (such as HIPAA, ISO27001, and PCI DSS) and system hardening. It is agentless, with optional installation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.opti.ai%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/wd3FoaTIx_dMYffn5hZSAJtWhyBD44VJDSx5cS2N164=439">
<span>
<strong>Opti (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Opti is an IAM platform that uses specialized LLMs to automate identity governance, least-privilege decisions, and remediation across enterprise environments.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4113463%2Fautomated-data-poisoning-proposed-as-a-solution-for-ai-theft-threat.html%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/5_AsIJIJHbgB3UoyztZHTKoD7ynlJYQ0II1QIR0b5No=439">
<span>
<strong>Automated data poisoning proposed as a solution for AI theft threat (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AURA is a tool that injects plausible false data into AI knowledge graphs, rendering stolen proprietary data useless while authorized users maintain access through secret keys that filter out the poisoned information. The technique degrades unauthorized systems' accuracy to 5.3% while maintaining 100% fidelity for legitimate users, with an increase in query latency of under 14%, though experts express skepticism about data poisoning's effectiveness and note that the solution doesn't prevent insider tampering with knowledge graphs. Security professionals should recognize that AI systems face unique challenges in detecting and recovering from compromised data, as poisoned information can propagate through machine learning processes faster than traditional database corruption.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Foutpost24.com%2Fblog%2Fkrakenlabs-research-highlights%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/P1SQqhV-BdV3GhoO26FtYjLUFh-W8f021G8BvzuVD4g=439">
<span>
<strong>KrakenLabs Research Highlights 2025: The Shifts That Redefined the Threat Landscape (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
2025's threat landscape evolution was characterized by AI integration into cybercrime workflows, industrialized Crimeware-as-a-Service platforms like Olymp Loader and LabInstalls PPI distribution, and Initial Access Brokers monetizing compromised edge devices, including Belsen Group's sale of 15,000 FortiGate device accesses. The year witnessed a decline in traditional carding fraud under regulatory pressure, while threat actors shifted toward identity abuse and trust exploitation, exemplified by attacks on Salesforce-hosted airline data and on cryptocurrency platforms targeted for geopolitical impact rather than financial gain. Analysis revealed the convergence of ideological hacktivism with ransomware business models, including pro-Palestinian actor zerodayx1's BQTLock RaaS offering and leaked Black Basta chats that exposed operational dynamics, underscoring that basic security failures and third-party risk management remain decisive factors in organizational breach outcomes.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F07%2Fhackerone_ghosted_researcher%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/n9_flwfzgHY2YKWrvrmjeIlpe-zT6eO2ZO--I0pzm7Q=439">
<span>
<strong>HackerOne 'ghosted' me for months over $8,500 bug bounty, says researcher (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security researcher Jakub Ciolek reported two high-severity Argo CD denial-of-service bugs through HackerOne's Internet Bug Bounty, expecting about $8,500 after CVEs were assigned and patches shipped. Instead, he faced months of silence despite repeated follow-ups, raising concerns about trust in crowdfunded bounty programs and the impact of noisy, low-quality, or AI-generated reports on serious submissions.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.sciencedaily.com%2Freleases%2F2026%2F01%2F260106001911.htm%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/-QZ1guRWJEdH6Qbgb1X5c-W0nK_l_EDeNB3BFcBuliQ=439">
<span>
<strong>Quantum structured light could transform secure communication and computing (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
International researchers demonstrated quantum structured light techniques that pack significantly more information and security into photons by engineering high-dimensional quantum states.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fcybersecurity-firms-secured-14-billion-in-funding-in-2025%2F%3Futm_source=tldrinfosec/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/pOV_ddA5tAmQBmfgTDJCa_EBaWsuLd3t0F4ziF6Bbmw=439">
<span>
<strong>Cybersecurity Firms Secured $14 Billion in Funding in 2025: Analysis (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cybersecurity vendors attracted nearly $14 billion across 392 funding rounds in 2025, marking a 47% jump from 2024 and the strongest year since the 2021 peak.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FFZYZrj/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/FDJlJt3IYGwHGAPp2KxjhuAakxUeFdARoJCUTVEIYW4=439">
<span>
<strong>Lack of MFA Is Common Thread in Vast Cloud Credential Heist (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A threat actor called Zestix used common infostealers like RedLine, Lumma, and Vidar to harvest long-lived credentials from infected machines and log dumps, then logged into corporate ShareFile, OwnCloud, and Nextcloud instances that lacked MFA.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/bB8SlI8TRy7g3nyd_1WbbBP94-aH_VTCej53dvOWiHY=439"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/sF3bfz8_awFZhfMWWwnXw_urBEgYoUmEfP3oJ--b98E=439"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b9def5a98-779e557a-4c6e-43b8-8f65-49770de52763-000000/vcVwhen6vkvfM_rnbHXORg9o_0Pmik8ZQiXIjNtrseU=439"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>