<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-14</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Feverest-ransomware-nissan-data-breach%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/1eXN8HCYzyf1afAxdNrrqTk3QIzkRdRRBeC8ofEQERw=440">
<span>
<strong>Everest Ransomware Claims Breach at Nissan, Says 900GB of Data Stolen (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Everest ransomware group claimed to have breached Nissan Motor Corporation, posting screenshots on their dark web leak site showing directory structures with 900GB of allegedly stolen data, including dealership information, financial records, and operational documentation in .csv, .txt, .pgp, and .xls formats. The group issued a five-day deadline before public release, continuing their aggressive 2025-2026 campaign that has targeted ASUS, Chrysler, AT&T, and other major organizations. This marks Nissan's third significant security incident in recent years, following the Qilin ransomware attack on its design subsidiary and the 2023 breach affecting over 100,000 individuals.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fspanish-energy-company-endesa-hacked%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/Ww5hMbMbieVqILl7sSC1Wl1c0Gh-tr2yki3r7S2ngsw=440">
<span>
<strong>Spanish Energy Company Endesa Hacked (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hackers broke into Spanish utility Endesa's commercial systems and accessed data on over 20 million customers, including identification details, national ID numbers, contract information, and IBAN payment data. The company says passwords were not exposed, operations remain normal, and extra security measures and monitoring are in place.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftargets-dev-server-offline-after-hackers-claim-to-steal-source-code%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/YmYOrvOxiJnR0WAIrOl2w6zCK2YtIaYClYegHqszuUA=440">
<span>
<strong>Target's Dev Server Offline After Hackers Claim to Steal Source Code (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
An unknown threat actor has claimed to have stolen a trove of Target's internal source code and documentation and is selling it on dark web marketplaces. After BleepingComputer contacted Target for comment, the files were taken offline, and Target's Git server became inaccessible from the internet. Multiple Target employees have confirmed that the source code samples are legitimate.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcirriustech.co.uk%2Fblog%2Foidsee%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/6sPLghYs8ixqF2cgmiP90Y9BFyAnmreJnDh7eLrZMvI=440">
<span>
<strong>OID-See: Giving Your OAuth Apps the Side-Eye (26 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OAuth in Microsoft Entra creates complex webs of apps, permissions, and identities that are hard to reason about with tables alone, so modelling everything as a graph reveals abuse paths such as impersonation and long-lived access that would otherwise stay hidden. OID-See uses Microsoft Graph to map service principals, delegated scopes, app roles, ownership, assignments, and reply URLs into a graph-backed analysis. It then layers scoring and enrichment to highlight risky apps, misleading Microsoft-shaped metadata, and dangerous patterns like broad reachability, wildcard redirects, and stale credentials.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsubstack.bomfather.dev%2Fp%2Fstopping-kill-signals-against-your%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/e0g8fbmaz0Js0PkpB73J3kFxYlyeAEjwQ8H2r7fF1Eo=440">
<span>
<strong>Stopping Kill Signals Against Your eBPF Programs (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
When malicious processes gain elevated privileges, they can disable eBPF agents, weakening a system's security posture. To counter this, defenders can hook security_task_kill to block kill signals from reaching the eBPF agent. However, this also blocks any kill signals sent by defenders, such as those used to upgrade the agent. Defenders can instead set the eBPF hook to accept a signed signal with a nonce for restarts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdeceptiq.com%2Fblog%2Feventbridge-pattern-matching-guide%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/tW_5m-dKCPXeh12bZFCiY2aMPdZdgP2W1_egR9mm7TU=440">
<span>
<strong>EventBridge Pattern Matching: A Field Guide (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
EventBridge JSON patterns can become very complex quickly, and AWS provides very little documentation to help parse them. Fields at the same level of the JSON are ANDed together, whereas values in an array are ORed together. To apply an OR across two fields, users can use the $or operator. However, users should be careful when nesting $or operators, as each branch gets expanded into additional sub-patterns that can become contradictory or complex to debug. This post also covers other operators and how to combine them to develop complex Boolean logic.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fanthropic-launches-claude-ai-for.html%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/Oum1nAYoPcoyGE7kRUbYotATkhAfcvTdF2Oig7EtQW8=440">
<span>
<strong>Anthropic Launches Claude AI for Healthcare with Secure Health Record Access (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Claude for Healthcare enables Pro and Max subscribers in the US to connect health records via HealthEx, Function, and upcoming Apple Health/Android Health Connect integrations for medical history summarization and test result explanations. The implementation features privacy-by-design controls allowing users to manage data sharing permissions, with health data explicitly excluded from model training. Anthropic's Acceptable Use Policy requires qualified professional review of outputs for high-risk healthcare decisions, acknowledging AI limitations in medical contexts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FA-poc%2FRedTeam-Tools%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/oLamhmikUU2bs9EdINNaj0ZyVKzoB-7p8G943KprglU=440">
<span>
<strong>RedTeam-Tools (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This GitHub repository contains a collection of 150+ tools and resources that can be useful for red teaming activities. Some of the tools may be specifically designed for red teaming, while others are more general-purpose and can be adapted for use in a red teaming context.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fgobruteforcer-botnet-targets-crypto.html%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/7AsN2gc0WxG0v-sSbdJI6X6CIiSl6oLJOmEc6J9dUD4=440">
<span>
<strong>GoBruteforcer Botnet Targets Crypto Project Databases by Exploiting Weak Credentials (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Check Point Research identified an upgraded GoBruteforcer campaign targeting cryptocurrency and blockchain project databases, exploiting weak credentials spread via AI-generated server-deployment tutorials and legacy XAMPP stacks that expose FTP and phpMyAdmin interfaces. The Golang-based botnet features an obfuscated IRC bot, dynamic credential lists that include crypto-focused usernames, and a module that queries TRON blockchain addresses for non-zero balances. Separately, GreyNoise observed 80,469 sessions over 11 days from threat actors systematically probing 73+ LLM endpoints across major AI providers, hunting for misconfigured proxy servers that leak API access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fdutch-port-hacker-sentenced-to-prison%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/-HOj1ozSit4kugc1-9CN7LKgETopweEyWOdKGauXFiw=440">
<span>
<strong>Dutch Port Hacker Sentenced to Prison (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A Dutch man was sentenced to seven years in prison for hacking port logistics systems in the Netherlands and Belgium to support cocaine smuggling operations. He used malware delivered via USB sticks, with help from an insider, to gain remote access, steal data, and intercept communications.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F13%2Favcheck_arrest%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/iZ7UA4iInmOLac7latnQPgQZ-TeGvq47KmUjSGt5v8w=440">
<span>
<strong>Dutch cops cuff alleged AVCheck malware kingpin in Amsterdam (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Dutch authorities have arrested a 33-year-old Dutch suspect at Schiphol Airport, accusing him and two linked companies of running AVCheck, a major counter-antivirus platform that lets criminals test and fine-tune malware against multiple security products. AVCheck, dismantled in May 2025 during Operation Endgame, allegedly helped attackers perfect campaigns by identifying which targets and defenses were easiest to evade.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Flegal%2Fcalifornia-bans-data-broker-reselling-health-data-of-millions%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/whPfn0obYrKCpf1g7kNNtNQwrJq180X8hXsE2iWKKCo=440">
<span>
<strong>California bans data broker reselling health data of millions (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CalPrivacy fined Datamasters $45,000 and banned the unregistered data broker from selling Californians' personal information after it traded hundreds of millions of records containing sensitive health data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F13%2Fman-to-plead-guilty-to-hacking-us-supreme-court-filing-system%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/lyzBr0PMsC6bcygrGE-B-DERHTBHbaOInUaRUDuphZk=440">
<span>
<strong>Man to plead guilty to hacking US Supreme Court filing system (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A 24-year-old Tennessee man, Nicholas Moore, repeatedly accessed the US Supreme Court's electronic filing system without authorization over 25 days between August and October 2023, obtaining unspecified information from a protected computer.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fmicrosoft-patch-tuesday-january-2026%2F%3Futm_source=tldrinfosec/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/qyiQ5y7vqKppcRPjZ52XLDb5XR6Q6fmAEGbzBZdGrdE=440">
<span>
<strong>Microsoft Patch Tuesday addresses 112 defects, including one actively exploited zero-day (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft's January 2026 Patch Tuesday addressed 112 vulnerabilities, including CVE-2026-20805, an actively exploited information disclosure zero-day in Desktop Window Manager (CVSS 5.5) that CISA added to its KEV catalog.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/akQWV3C399ftEucEZBl37OqqOQxndr66ExE9d21FIjo=440"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/OJ7AJmxVgTE88xqLc0b5zrpptk7yLWKhS5QmOUT0ds0=440"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019bbcd550fd-8c63e381-dcc6-427e-b491-529c9b16d98c-000000/fZWWLQEx1qJ4Jz3AKNSauKj07w-sVZbLvHupDjB0r48=440"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>