<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR IT</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">The EC confirmed a cyberattack affecting its AWS-hosted cloud infrastructure, with attackers claiming to have exfiltrated over 350GB of data β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Fit%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/Dcn2xbJCluStLLN6hYaNyNz8IE5Cd_O4FKilHJuF5lo=450" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrit%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/JAxnvVr5fGYd6EutY8YPHpDuDNqlFoSW-7QQ-Rypnmk=450" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=166d97d4-84b7-11f0-a1b2-47c5c04ad337%26p=2849b28c-2c21-11f1-b92e-4bde7c51025b%26pt=campaign%26t=1774874682%26s=e2dde10b0de369119297644f0ad07bfb952d59fbb12e575b24f1467504d74ed4/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/1jPb_JRKuDpw4xHypgLPx0WI8k-4E56LDqx5nyU7Pnk=450"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fai-security-board-report-template%3Futm_source=tldr-it%26utm_medium=paid-email%26utm_campaign=FY26Q4_INB_FORM_AI-Security-Board-Report-Template%26sfcid=701Vh00000Wn7E1IAJ%26utm_term=FY27Q1-tldr-it-primary%26utm_content=AI-Board-Report/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/AAR6CGXfKJ_PfUmXJipn38ZYY99eu_9ax4WRZ3xERhk=450"><img src="https://images.tldr.tech/wiz50.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Wiz"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR IT <span id="date">2026-03-30</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fai-security-board-report-template%3Futm_source=tldr-it%26utm_medium=paid-email%26utm_campaign=FY26Q4_INB_FORM_AI-Security-Board-Report-Template%26sfcid=701Vh00000Wn7E1IAJ%26utm_term=FY27Q1-tldr-it-primary%26utm_content=AI-Board-Report/2/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/72lNEiYnHcovnk-3FcG14ZbAVGly_64jOs3gL5t_jcA=450">
<span>
<strong>AI security introduces new risks, but boards still expect clear, business-aligned answers. (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This free, editable <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fai-security-board-report-template%3Futm_source=tldr-it%26utm_medium=paid-email%26utm_campaign=FY26Q4_INB_FORM_AI-Security-Board-Report-Template%26sfcid=701Vh00000Wn7E1IAJ%26utm_term=FY27Q1-tldr-it-primary%26utm_content=AI-Board-Report/3/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/ww0MmiYmISl0_1nxjCgID3tbAij7UWf5pfNNCkfuSoY=450" rel="noopener noreferrer nofollow" target="_blank"><span>board report template</span></a> helps CISOs and security leaders communicate AI risk, posture, and priorities in a way the board understands, using real metrics, risk narratives, and strategic framing.
<p></p>
<p>What this template helps you do:</p>
<ul>
<li>Frame AI security in business terms</li>
<li>Highlight risk using clear metrics and KPIs</li>
<li>Drive informed board-level decisions</li>
</ul>
<p>π <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fai-security-board-report-template%3Futm_source=tldr-it%26utm_medium=paid-email%26utm_campaign=FY26Q4_INB_FORM_AI-Security-Board-Report-Template%26sfcid=701Vh00000Wn7E1IAJ%26utm_term=FY27Q1-tldr-it-primary%26utm_content=AI-Board-Report/4/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/ljucx9VqB--ArBW4d1Cg2QIIigRptpvsNBfh6vm9oBA=450" rel="noopener noreferrer nofollow" target="_blank"><span>Get the Template!</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>News & Trends</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FCLb38h/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/jIbpJ1a_wW-_wpyOLiRmsxJZ0qx4wrXa9VmQzmo1CCY=450">
<span>
<strong>European Commission Confirms Cyberattack - AWS Account Compromise, 350GB Claimed Stolen (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The European Commission confirmed a cyberattack affecting its AWS-hosted cloud infrastructure, with attackers claiming to have exfiltrated over 350GB of data, including databases and internal records. While full impact is still under investigation, the incident highlights a key risk: cloud account compromise (likely identity/IAM-related) can expose massive datasets even without breaching core infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FkZkmuF/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/ifibrhxq0N9-Sa7t6g0SCHDk2t_Z6UDl812EY3ZVWjs=450">
<span>
<strong>AI plumbing is becoming the new attack surface (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Multiple critical vulnerabilities across LangChain and LangGraph expose filesystem data, environment secrets, and conversation history, while Langflow RCE exploits show how quickly attackers can gain full control and extract API keys. AI frameworks now sit directly on top of sensitive data and credentials, making them high-value targets and shifting attacks toward the βAI plumbingβ layer that connects models to enterprise systems.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F03%2F29%2Fsoras-shutdown-could-be-a-reality-check-moment-for-ai-video%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/bUhj-Eiw8pF9ljw1otOq-SiaHX4HkJ0kL1JtwCQI6-s=450">
<span>
<strong>Sora hits a wall (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenAI's decision to shut down the Sora app and related video models just six months after launch is less a one-off product story and more a signal that flashy AI demos still struggle to become durable products. Pilot excitement is not the same thing as operational fit, and vendor stability matters more than novelty right now.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Analysis & Opinions</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FIYqQOj/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/sXlyP7wduB_6T8hyJOHV3Nml0WqkBlRQRBITo1P2zgE=450">
<span>
<strong>AI as Job Creation Engine, Not Just Automation (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AI is ultimately a job creation technology, driving new roles, workflows, and βsuperworkerβ models rather than simply eliminating jobs. The challenge isn't job loss, it's redesigning roles, reskilling teams, and adapting operating models fast enough to capture the upside.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FmHtT1G/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/5nTTyaC8UX8rSB_kCmX9yGzG3sOeX2XemQQ5R_sMgqo=450">
<span>
<strong>CIOs Reassess SaaS Strategy as AI Agents Redefine Enterprise Software (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
As AI agents take on more work, CIOs are re-evaluating SaaS, not as something being replaced, but reshaped into more action-oriented, orchestrated systems. Employees may interact less with apps directly, while IT manages the control layer, coordinating agents across them.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FlOydAK/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/horL9mq16EuY_EH0RPVoxdWyz0dv2xU7309CIxHkqfg=450">
<span>
<strong>RSAC 2026 Highlights: From Agentic AI to Active Defense (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
RSAC 2026 highlighted a shift toward securing agentic AI, identity, and increasingly autonomous threat landscapes, with AI-driven attacks accelerating globally. Move beyond detection to active defense models, where AI systems both defend and respond in real time rather than relying on human-led processes.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π€</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Partnerships</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vanta.com%2Fresources%2Fnew-in-vanta-march-2026%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/ArgltaraLEiMAzQ4oXe933SRf7swpCIRUDpcdmh01QM=450">
<span>
<strong>Vanta March Update: AI Agents, Vendor Risk Automation, and New Global Frameworks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Vanta rolled out a series of updates, including AI-powered agents for compliance and vendor risk (TPRM), enhanced continuous monitoring for third-party risk, and support for new frameworks like Cyber Essentials and Essential Eight. These changes let teams automate evidence collection, continuously track vendor posture, and reduce manual audit prep instead of relying on periodic reviews.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.cnbc.com%2F2026%2F03%2F24%2Farm-launches-its-own-cpu-with-meta-as-first-customer.html%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/KFv6H229eClhiOXjpk6BnSM3alD_rkGTXP3CcORR0VI=450">
<span>
<strong>Arm Launches Its Own CPU, With Meta as First Customer (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Arm unveiled its first in-house data center CPU for AI workloads, with Meta as its first customer. Arm is moving from licensing designs to competing directly in the data center, with CPUs increasingly acting as the orchestration layer coordinating GPUs, data, and AI systems.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4145127%2Fruntime-the-new-frontier-of-ai-agent-security.html%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/hTIcDrV-qpDwrnsGZGqkFoZEPSkTT4kkm6gQNaACX2M=450">
<span>
<strong>Agent security moves to runtime (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The next major security challenge is not just securing access to agents, but monitoring what they actually do once they are inside enterprise systems. This means governance cannot stop at permissions, because the real risk is behavior across tools, files, email, and internal applications.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fi06Ar1/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/nAMMvAMRiKSZNavEaUaiKXSbRoyC3SZGAtk9gND_WqE=450">
<span>
<strong>Fake VS Code Alerts on GitHub Spread Malware to Developers (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers are posting fake VS Code vulnerability alerts across GitHub Discussions, using spoofed CVEs, impersonation, and mass tagging to trick developers into downloading malware from external links. The campaign is highly automated and leverages GitHub notifications to reach users directly, showing how trusted developer platforms are being weaponized to deliver malware at scale.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcomplexdiscovery.com%2Ftwenty-two-seconds-to-hand-off-inside-mandiants-m-trends-2026-findings%2F%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/JcsFpx2yXSOyeqvzMgjUeEJQUKhoz7thyf1gbUy7z8k=450">
<span>
<strong>Mandiant M-Trends: Attackers Now Move From Initial Access to Control in 22 Seconds (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Mandiant reports the time from initial access to attacker βhands-on keyboardβ has dropped to just 22 seconds, down from hours previously. This indicates there is effectively no response window after compromiseβdefense has to happen before or during access, not after detection.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnvd.nist.gov%2Fvuln%2Fdetail%2FCVE-2026-33017%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/NcbZjBxqxmxj2c0qabpwjNRGoIPoA0crOrt2S7xwky8=450">
<span>
<strong>Langflow RCE Actively Exploited β Full Server Control via Single Request (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A critical vulnerability (CVE-2026-33017, CVSS 9.3) in Langflow allows attackers to gain full server control with a single HTTP request, exposing all connected AI API keys and integrations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FA3OQ3w/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/QOkCzqSvxTfd9B-7R7WOtqw-jUmvA4zjkz6-I6N7kak=450">
<span>
<strong>F5 BIG-IP APM RCE Added to KEV After Active Exploitation (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CISA added an actively exploited F5 BIG-IP APM flaw to KEV after it was reclassified from DoS to pre-auth RCE, giving attackers a path into a major access control layer many enterprises rely on.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F03%2F27%2Fsecurity_boffins_harvest_bumper_crop%3Futm_source=tldrit/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/8wKnYPQNUe6Qi2vIq4Bx_JdO5vIyWdIVHIvolP1bsps=450">
<span>
<strong>API keys all over the web (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers reportedly found nearly 2,000 exposed API credentials across roughly 10,000 websites.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of IT professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrit%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/wjCzNvRHdJ0Pe-me7dWqHyo4H8xGSI3f_H9SZC3mImE=450"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/BNMtUDeSbR1dN3eAU7p-0Nx03AaK5wRW4IqJhXtwb3g=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/YqK87ejvGKTubsMC7KXLm50BHgCwzl6ueCuV5lEok24=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/BcC73nom3KMgQfUp4qTPpOBW4LNCjUZaJt19TVtRX1A=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsiddhibansal%2F/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/R_pNP9FoHGYFs8TnZk9d5GNgJjT5WHDluEjfzvFGpdo=450"><span>Siddhi Bansal</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Ftongchen-yang-877116216%2F/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/d6Yr7LWK4QOi_W_Me49S8l4z4HzCADP092GdtcJddYs=450"><span>Tongchen Yang</span></a>, & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Frushdesh%2F/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/3okxpCc0LcALlmL-we8BoNqUWinhdUSKqh9rSrDLDA8=450"><span>Rush Deshpande</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Fit%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/Va3VYXJVw2bxXz4_hknu3Pd6TKmWfQy8E7Tw7TmubJ0=450">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR IT isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=db791bc2-386d-11ee-a768-4730dc8aabb1%26lc=166d97d4-84b7-11f0-a1b2-47c5c04ad337%26p=2849b28c-2c21-11f1-b92e-4bde7c51025b%26pt=campaign%26pv=4%26spa=1774872068%26t=1774874682%26s=cd191718894e0814bc2725ff903f41d9349558a190955402b675a3265e344669/1/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/nPzOlmUb8x8TdfQc3naTy2vuPLAcFLhqBQXrW0FbB2s=450">unsubscribe</a>.
<br>
</div></td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019d3ec662d6-09fd7cf1-006c-48d7-9e96-986c5cc3d8f0-000000/oqi-Qt9RdgpMLpO4YuNiw3KAU6n_wCZvCr5yQzbYPko=450" style="display: none; width: 1px; height: 1px;">
</body></html>