<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">In retaliation for an FBI seizure of their website, the Iranian-affiliated Handala hacking group posted that they breached Kash Patelβs email inbox β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/i31IFYdap-2-USycoNqvLi_nmye1J7sbskxbiCngx3U=450" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/ijLxWkk7m_ON9SxquvCtAxJDbuy4kN2dedngnIAmbzo=450" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=b185c828-2c27-11f1-a9d1-4bde7c51025b%26pt=campaign%26t=1774877774%26s=2acddd4106b1255c5fde007328d2cb919d58e7bc303edc7ac5103fab256480b5/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/GIL_nW5YyGlMreN0UXEAk60LFqmvc565stcbmgM1Lxs=450"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fsolving-the-access-trust-gap-in-the-age-of-ai-and-automation%3Futm_medium=paid_newsletter%26utm_source=tldr%26utm_campaign=2026q1_unified-access_wb_solving-the-access-trust-gap-in-the-age-of-ai-and-automation_sa%26utm_content=infosec_newsletter_033026/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/QeDVT6bATuRgRPqRDYMsM32mrEzH05Ri6-ij3dl1-Ko=450"><img src="https://images.tldr.tech/1password-2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="1Password"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-03-30</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fsolving-the-access-trust-gap-in-the-age-of-ai-and-automation%3Futm_medium=paid_newsletter%26utm_source=tldr%26utm_campaign=2026q1_unified-access_wb_solving-the-access-trust-gap-in-the-age-of-ai-and-automation_sa%26utm_content=infosec_newsletter_033026/2/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/gSws6S19fUCVLLXMRD-QRYym73pd6KI7s3hzlSzTO8w=450">
<span>
<strong>Webinar: Access management for AI agents (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AI agents and automation are reshaping access management. They use API tokens and service accounts across IDEs, scripts, and CI pipelines. These credentials are created on developer machines and used by machine workflows.<p></p><p>As AI adoption increases, security teams face growing secret sprawl outside the visibility of traditional controls.</p><p>In this webinar, we'll explore how organizations can adopt AI and automation without expanding credential risk.<br><br>Key Takeaways: </p><ul><li>Why AI agents and machine identities expand access risk</li><li>Where non-human credential blind spots emerge</li><li>How to secure credentials at time of use</li></ul><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fsolving-the-access-trust-gap-in-the-age-of-ai-and-automation%3Futm_medium=paid_newsletter%26utm_source=tldr%26utm_campaign=2026q1_unified-access_wb_solving-the-access-trust-gap-in-the-age-of-ai-and-automation_sa%26utm_content=infosec_newsletter_033026/3/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/t02Nu83RJ3sEs56b19aUbkAOyc9aapz1BlV6Seppj4U=450" rel="noopener noreferrer nofollow" target="_blank"><span>Register now</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FHmVjG1/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/f8n_4yQ80Zmd0lHXKSz8nZ5WAUnOJ3Fwo8-nfa8j1dE=450">
<span>
<strong>LangChain, LangGraph Flaws Expose Files, Secrets, Databases in Widely Used AI Frameworks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Three vulnerabilities were disclosed in LangChain and LangGraph: a path traversal flaw (CVE-2026-34070, CVSS 7.5) that exposed arbitrary files, a deserialization bug (CVE-2025-68664, CVSS 9.3) that leaked API keys and env secrets, and an SQL injection in LangGraph's SQLite checkpoint (CVE-2025-67644, CVSS 7.3) that exposed conversation histories. Patches are out β langchain-core β₯1.2.22, langchain-core 0.3.81/1.2.5, and langgraph-checkpoint-sqlite 3.0.1.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FmdXZk3/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/PoaB4ICK09Y57_d_Mwf3_pnhPnAHjx0uR0Y00Qa96F0=450">
<span>
<strong>FBI Confirms Hack of Director Patel's Personal Email Inbox (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
In retaliation for an FBI seizure of their website, the Iranian-affiliated Handala hacking group posted that they breached FBI Director Kash Patel's email inbox. The FBI confirmed that the attackers breached Patel's personal Gmail inbox and that it has taken steps to reduce the negative impact of this breach. The Handala group also published a watermarked subset of this data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FLYyxNN/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/M05a0yXGCgdeN9_PSPPGnIWfmrcp7egtFdSOGW4pvzY=450">
<span>
<strong>File Read Flaw in Smart Slider Plugin Impacts 500K WordPress Sites (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security researchers discovered a new arbitrary file-read vulnerability in the popular Smart Slider WordPress plugin that allows authenticated users, such as subscribers, to read arbitrary files. The plugin is missing an authentication check in the plugin's AJAX export function, allowing any authenticated user to export any file, including sensitive files like wpconfig.php.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpwn.guide%2Ffree%2Fcryptography%2Faudio-steganography%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/3tImx0_ntmKlddEdCcFcNgcs4SLNTbwiVFn2qrxWV-A=450">
<span>
<strong>Audio Steganography in Supply Chain Attacks (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
In March, TeamPCP compromised PyPI packages, including Trivy, litellm, and the Telnyx SDK, by injecting credential-stealing malware hidden inside WAV audio files. The technique works by packing base64-encoded, XOR-encrypted payloads into valid WAV frame data, allowing it to bypass firewalls, EDR tools, and MIME-type checks, since the files are registered as harmless audio. On Linux/macOS, a detached subprocess downloaded ringtone.wav from a server, extracted the payload in memory, then deleted itself. The harvester collected env vars, SSH keys, shell history, and cloud credentials, exfiltrating them in AES-256-CBC-encrypted form to the same server. Detection methods include Shannon entropy analysis and base64 frame pattern checks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.calif.io%2Fp%2Freverse-engineering-apples-silent%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/qLJ81CbqWk1rtSc-XWhlEk9yyXrYPEm1GMtjreoy1j8=450">
<span>
<strong>Reverse engineering Apple's silent security fixes (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple's new Background Security Improvements (BSI) mechanism silently patches Safari, WebKit, and system libraries via AEA-encrypted binary diffs applied to cryptex sidecar images, activating on next restart without user interaction. The March 17 BSI publicly disclosed one fix β CVE-2026-20643, a WebKit Navigation API same-origin bypass caused by faulty AND logic that let isSameSite short-circuit the isSameOriginAs port check β but also shipped two undisclosed fixes: a WebGL integer overflow in libANGLE's generateIndexBuffer (size_t narrowed to int with 64-bit overflow guard), and a ServiceWorker registration UAF hardening (WeakRef-to-Ref promotion in SWServerRegistration). Security teams can replicate this teardown using ipsw ota patch rsr to reconstruct patched cryptex DMGs, followed by ipsw diff for symbol-level triage and IDA Pro decompilation against the extracted dyld_shared_cache for full function-level confirmation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.trailofbits.com%2F2026%2F02%2F20%2Fusing-threat-modeling-and-prompt-injection-to-audit-comet%2F%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/J3htequsMUiHwSpfxCFDPm9U_FSHcM1LQbUUxWy5kvU=450">
<span>
<strong>Using threat modeling and prompt injection to audit Comet (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Trail of Bits audited Perplexity's Comet AI browser using their TRAIL threat model, mapping trust boundaries between the local browser profile and Perplexity's agent servers to identify prompt injection attack vectors capable of exfiltrating Gmail contents via the AI assistant's authenticated session access. Four injection techniques were demonstrated across five proof-of-concept exploits: fake security mechanisms (CAPTCHA and validator lures), summarization instruction hijacking, fake system instructions, and fake user requests. One notable finding was that intentional typos in system warning tags were required for the exploit to succeed, as the agent flagged correctly spelled versions as fraudulent. Defenders building agentic AI products should enforce strict trust-level separation between system prompts and external page content, apply least-privilege scoping to agent-tool access, and conduct systematic red-teaming of adversarial prompt injection before deployment.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftracebit.com%2F%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/6KFMs1M0IyUzzJRT2i7shzEy0KMsF0fqfVLkF0ydFug=450">
<span>
<strong>Tracebit (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Tracebit offers cloud-native threat deception that plants tailored canary assets across identities, endpoints, and cloud infrastructure to lure attackers, expose compromised accounts quickly, and prevent attacks, including AI-driven attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fakdavidsson%2Ftrawl%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/0ldaVBdOfyYDPNCT1IpRVER5G3JaUdHdCdGsBoPYe9E=450">
<span>
<strong>trawl (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
trawl is an LLM-powered scraper that allows users to semantically describe what information they are looking to extract.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Frderaison%2Fbromure%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/zJB8OISacBYK5hiBkUhDqrix3I5Nlj3zmlyPBNaG5bI=450">
<span>
<strong>Bromure (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Bromure creates a secure, ephemeral browsing environment in a disposable VM on macOS systems.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F03%2F27%2Fsecurity_boffins_harvest_bumper_crop%2F%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/4o5OhqA_xq6pJ4IcbytYSHivmlXNl2blQvlVisXHMsQ=450">
<span>
<strong>Security boffins scoured the web and found hundreds of valid API keys (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Stanford-led researchers scanned 10 million websites using TruffleHog and found 1,748 valid API credentials across 10,000 pages, including keys for AWS, Stripe, GitHub, and OpenAI. A global systemically important bank exposed cloud credentials that gave direct access to its databases. In general, credentials remained exposed for an average of 12 months, with 84% buried in JavaScript bundles.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F03%2F23%2Fgoogle_dark_web_ai%2F%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/ygWI02HS9NwuOwzFIsZXoHmVPhSMEOlgSpv0IxazQus=450">
<span>
<strong>Google Unleashes Gemini AI Agents on the Dark Web (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google Threat Intelligence has added a dark web intelligence service that uses Gemini AI agents to crawl up to 10M posts a day. Organizations can create an organization profile in the service, and agents will then crawl the Internet to discover non-sensitive, public information, then monitor for potentially relevant dark web postings and raise alerts. Google says the service has a 98% accuracy rating compared to traditional, keyword-based services, which generate 80-90% false positives.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fglama.ai%2Fblog%2F2026-03-26-the-hackers-who-tracked-my-sleep-cycle%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/MEXOBGRQTe5-AxSMzUt25u3gIfLm0mEONgBcXXzESNk=450">
<span>
<strong>The Hackers Who Tracked My Sleep Cycle (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers exploited a Glama.ai payment overdraft window by mass-creating accounts, attaching valid payment methods, and firing expensive LLM calls before charge rejection β netting ~$1,000 in credits nightly. They monitored the developer's Discord online status to time attacks during offline windows, pausing whenever he appeared active. JA4 TLS fingerprinting and ALTCHA proof-of-work proved the most durable deterrents, though no single method held indefinitely β layered friction remained the only viable defense.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.sysdig.com%2Fforrester-wave-cloud-native-application-protection-solutions-q1-2026%3Futm_campaign=Primary03302026%26utm_source=tldrai%26utm_medium=quicklinks/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/xZYx8Lhq5O2mB4zAyitJUIZUZCIb2U2wEfNhGFAg898=450">
<span>
<strong>Sysdig Named Leader in Forrester CNAPP Wave 2026 (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cloud attacks unfold in minutes, the Forrester Waveβ’: Cloud Native Application Protection Solutions, Q1 2026, Sysdig stands out among 14 vendors with runtime-powered CNAPP, AI copilots, and unified posture, vulnerability, and insights. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.sysdig.com%2Fforrester-wave-cloud-native-application-protection-solutions-q1-2026%3Futm_campaign=Primary03302026%26utm_source=tldrai%26utm_medium=quicklinks/2/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/HBq6l-ECEmLHHUWswSDPB6EFFNlBifvgwObFFJjhNgU=450" rel="noopener noreferrer nofollow" target="_blank"><span>Read report</span></a>.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F0LGsi9/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/uPgbGnx3ctB4CJxeWCHMx2T4O_YTFXgZMFkm3Cnnvoc=450">
<span>
<strong>Introducing the OpenAI Safety Bug Bounty program (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenAI launches a public Safety Bug Bounty program on Bugcrowd to address AI-specific abuse risks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F03%2F27%2Fapple-says-no-one-using-lockdown-mode-has-been-hacked-with-spyware%2F%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/nW2ScNEToZARQWJll6CAFvSgjfVD4TDCgA9-gcNy1gY=450">
<span>
<strong>Apple says no one using Lockdown Mode has been hacked with spyware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Nearly four years after its launch, Apple confirmed that no mercenary spyware attacks have succeeded on Lockdown Mode-enabled devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F190109%2Fsecurity%2Fapple-issues-urgent-lock-screen-warnings-for-unpatched-iphones-and-ipads.html%3Futm_source=tldrinfosec/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/cSU2Fbrl5hcGyAxC9Zu0wMTM60KzyExEDohekOU03Hw=450">
<span>
<strong>Apple issues urgent lock screen warnings for unpatched iPhones and iPads (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple pushed "Critical Software" lock screen alerts to devices running iOS 13 through 17.x, warning of active exploitation via the Coruna and DarkSword web-based exploit kits.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/mLwUD6DM4Q30iFlFgXMrGkkhOoRmaGsra8_FiTiOiEk=450" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/zyqq5dKpSw737XLs8FvFeRu7eSESkyXorIGg7c1HzWo=450" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/a9O0kSfCPgq92EOhUK3brreZ-PPZbs-_kR6a6FajVew=450"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/UjuomzXEJmTXMr5gPI878_Eaxq88Dryo0ZjV0IrrHks=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/655SydIOM4nMmrKxtJgidqJqfR7nzAquV3Cm7XSHPTs=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/gpFq3okPLF7pyQIrTDnYv0-7eBnRsCBxXXt2_7_ciUw=450" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/w13AcAzg2RaQEe_7vCRlMKcfMyjXoh9Z6732aN4B61A=450"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/ng-ELMKekzu724P6krKMUnWvOHS6CvUoLl-Q3M8Y8eI=450"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/sByUnyJy3XNI1Ycol-u7l1Nclfnzct32fiJKnJdnCa8=450"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/q1pxwEz9cNHCnQqRGXfif7Bsue-0Sh6EI0icl7kK0eE=450">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=b185c828-2c27-11f1-a9d1-4bde7c51025b%26pt=campaign%26pv=4%26spa=1774875802%26t=1774877774%26s=3b9d0cb5ea42e496b6be780bb7772ed854dda9ebfbba13ca7d815199e1001dd8/1/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/vD10ttEqwf2P_GWCAeOo76oMQ-T4lQqVflGSmezH7pA=450">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019d3ef591fd-f0f9718a-aa3d-4367-aa1d-afccb900a075-000000/Q8yZ4hTkreAQ9d49vFk2qAwlBwmdvX4TZQaxQPZuc_0=450" style="display: none; width: 1px; height: 1px;">
</body></html>