<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Anthropic is giving 12 partners early access to its new Mythos model for defensive code review across first-party and open source software </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/mdxjK9r_r-0e5h3WZH55XC1vhfn1Viin6SwsoOru7VI=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/48yS6FbncEUYqbTYGlJxGSehq1ovZtJVGU4dTuyyAak=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=a8311a0e-330a-11f1-813f-c98c642307a2%26pt=campaign%26t=1775653691%26s=c4ef05b91e5bac9efabc201d2ac673c1ee5e52ab7c328c6045e9471d22bef0bd/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/Ybytce-ibcQvDLRJEx691L3zc1EVW27MK1lzAhw0URM=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint-intel.com%2F2026-global-threat-intelligence-report%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=Resource_RP_GTI_2026%26sfcampaign_id=701Rc00000dDaIXIA0/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/bkDHEY4SJcwmFr8YArO3G2WsEMf4pdzyYoBXPwc2pZ0=452"><img src="https://images.tldr.tech/flashpoint.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Flashpoint"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-04-08</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint-intel.com%2F2026-global-threat-intelligence-report%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=Resource_RP_GTI_2026%26sfcampaign_id=701Rc00000dDaIXIA0/2/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/AK8W-LfkWvUPyVvLeNb2VRB5aoZgvnp_Wm_5HpdfAXg=452">
<span>
<strong>Ransomware is up 53% - and identity is the primary exploit vector (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The 1,500% increase in AI threat activity is just the beginning of the professionalization of cybercrime. For a data-driven look at today's (and tomorrow's) threat landscape, read <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint-intel.com%2F2026-global-threat-intelligence-report%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=Resource_RP_GTI_2026%26sfcampaign_id=701Rc00000dDaIXIA0/3/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/3J35qf0u9pohIyzWNWvJJwKqP9MN02rfoPl3s97KHOY=452" rel="noopener noreferrer nofollow" target="_blank"><span>Flashpoint's 2026 Global Threat Intelligence Report</span></a>.
<p></p>
<p>Topics include:</p>
<ul>
<li><strong>The Rise of Agentic Frameworks for Attackers: </strong>Why threat actors are transitioning from GenAI to autonomous agents that execute end-to-end attacks without human intervention.</li>
<li><strong>The Extortion Franchise Model: </strong>How the professionalization of groups like RansomHub and Clop is scaling the cybercrime economy.</li>
<li><strong>The Pivot to "Pure-Play" Identity: </strong>How <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint-intel.com%2F2026-global-threat-intelligence-report%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=Resource_RP_GTI_2026%26sfcampaign_id=701Rc00000dDaIXIA0/4/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/nG56-HCkYnZve1zXtNntn-3KcNNwlRTKiCQ0zR0-TXw=452" rel="noopener noreferrer nofollow" target="_blank"><span>3.3 billion compromised credentials</span></a> and cloud tokens are making identity the primary exploit vector.</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint-intel.com%2F2026-global-threat-intelligence-report%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=Resource_RP_GTI_2026%26sfcampaign_id=701Rc00000dDaIXIA0/5/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/WoW-WxtyKaBLJiFR6aN2twYaoZk4PZKEuTWZGCz1zeQ=452" rel="noopener noreferrer nofollow" target="_blank"><span>Read the report</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgbhackers.com%2Fcritical-dgraph-database-flaw%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/rq-UzDCfuxsC77gK_h9JqvagMOCFwlyZ8_4o4xv_qho=452">
<span>
<strong>Critical Dgraph Database Flaw Allowed Attackers to Bypass Authentication (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CVE-2026-34976 (CVSS 10.0) affects all Dgraph versions up to v25.3.0, with no patch currently available — the restoreTenant administrative mutation was accidentally omitted from the authentication middleware mapping, leaving it fully unauthenticated and reachable by anyone with access to the admin network endpoint. The exposed function accepts external URLs, enabling four exploitation paths: database overwriting via malicious backup files, local file probing via error message leakage, SSRF against internal services, and theft of Kubernetes service account tokens. Until a patched release is available, administrators should immediately block public access to Dgraph admin ports and enforce strict firewall rules restricting the administrative endpoint to trusted internal networks only.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fs5qjKA/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/nsA0UzpyJ7e6pd8d67S4ECKuHDkDsHnYbJc5sbtHcoQ=452">
<span>
<strong>Wynn Resorts Says 21k Employees Affected by ShinyHunters Hack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Wynn Resorts has filed a data breach notification stating that data belonging to 21,775 employees was stolen from its systems. This notification follows the company's confirmation that it was breached when ShinyHunters hackers posted about Wynn Resorts on their dark web site. Wynn Resorts has since been deleted from the ShinyHunters website and stated in their breach filing that the data was deleted, suggesting that they had agreed to pay a ransom.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F3c1uxx/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/QAsJg2aw41iNj1zT0dVfgAcXaUmriQbfX2oLt3sJ61M=452">
<span>
<strong>Jones Day Confirms Limited Breach After Phishing Attack by Silent Ransom Group (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Jones Day, one of the top law firms in the US, disclosed that it suffered a limited data breach affecting 10 clients. The Silent Ransom Group (SRG) claimed responsibility for the attack and released screenshots of what appears to be a negotiation chat between SRG and Jones Day. In SRG's messages, they claim to have breached the head of Jones Day's team handling cases before the US Court of Appeals for the Federal Circuit.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdevansh.bearblog.dev%2Fon-llms-and-vuln-research%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/2hi2Ld9S3T_TF13uhIQTZr7t_rkybQzzzglwR6kG6jg=452">
<span>
<strong>On LLMs and Vulnerability Research (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A practitioner argues that frontier LLMs have advanced vulnerability research through three capabilities: understanding code structure, statistical taint analysis, and test-time reasoning approximating symbolic execution, enabled by MoE architectures, large context windows, and RL reasoning chains. The author refutes the idea that only human genius can find new vulnerabilities, showing that common bug types like HTTP request smuggling and prototype pollution RCE are made of known primitives, recombined creatively, reflecting the compositional reasoning models now excel at. The key advantage has shifted from architecture to domain expertise in context and inference compute, as test-time reasoning improves with longer token budgets, allowing models to find bugs that shorter runs miss.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fmodern-kubernetes-threats%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/tAT2SQ-RSxjJsTShckvolOo9W0LqwJUNFgKa9oe2m58=452">
<span>
<strong>Understanding Current Threats to Kubernetes Environments (21 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Unit 42 documented a 282% year-over-year increase in Kubernetes token theft operations, with IT sector organizations accounting for 78% of observed activity, driven by two converging attack patterns: Slow Pisces (Lazarus) abusing overprivileged CI/CD service account tokens to pivot from production clusters into cryptocurrency exchange financial infrastructure, and CVE-2025-55182 (React2Shell) exploitation beginning within 48 hours of disclosure to achieve RCE inside Kubernetes workloads via insecure RSC Flight protocol deserialization. Both cases converge on the same post-exploitation workflow: enumerate the runtime environment, extract the mounted service account token at /var/run/secrets/kubernetes.io/serviceaccount/token, test RBAC scope, and pivot into the host cloud account. The report's central finding for security leadership is that Kubernetes identity has become the pivot layer between container compromise and cloud-level breach, making RBAC scoping, short-lived projected tokens, and API audit log visibility the minimum viable defensive posture.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FdXtnW4/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/uWqxDIFCv4liI_xefATbV8haCKkJWW4t5CTu1TWCm_k=452">
<span>
<strong>A Practical Blue Team Project: SSH Log Analysis with Python (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Linux authentication logs can provide a useful signal of the potential onset of a breach. The author of this post built a log analyzer script that uses regexes to parse auth.log, then employs multiple detection engines to identify brute-force attempts, account lockouts, successful logins after failures, and IP changes between capture and success. These detections are then given a weighted score, deduplicated, tagged with a relevant MITRE ATT&CK tactics, and exported to JSON for a SIEM to consume.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FHQ1995%2Fvibe-security-radar%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/HKv67XBCFCAybkqvD8-VUXi7yAGrMAOxeNlYvqDMWXs=452">
<span>
<strong>Vibe Security Radar (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A Georgia Tech SSLab research tool that tracks real CVEs where AI-generated code introduced the vulnerability, pulling from OSV, GHSA, and NVD advisory databases. It traces fix commits back to the introducing code via SZZ-style git blame, detects AI authorship through co-author trailers and bot signatures across 15+ tools, and uses an LLM investigator to confirm causality. Reported counts are a strict lower bound, as detection depends on commit metadata that AI-assisted contributions don't always leave behind.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdetecting.cloud%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/HK6Aq0H-ienc7Zkidofaf8dZUJQNiDPU-O3xc0lKmUs=452">
<span>
<strong>Detecting.Cloud (WebApp)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Detecting.Cloud provides a repository of real-world cloud attack paths, detection rules to detect the attacks, and example tests to simulate the attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FYARAHQ%2Fyara-rule-skill%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/c2aAq4oGxwV0B3kYhD0NKCG336AcAvIu7Wng1t4Ber8=452">
<span>
<strong>YARA-rule-skill (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
YARA-rule-skill provides an LLM agent skill for authoring, reviewing, and optimizing YARA rule creation.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.cloudflare.com%2Forganizations-beta%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/RLtcSs1wotqCnO2d2y5Ad_K23NoLXHzESWEUbGBB_sQ=452">
<span>
<strong>How we built Organizations to help enterprises manage Cloudflare at scale (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cloudflare launched Organizations in public beta, adding a management layer above individual accounts that lets Org Super Administrators control users, shared WAF and Gateway policy sets, and cross-account HTTP traffic analytics without requiring explicit membership in each child account. The rollout required consolidating every authorization check onto a domain-scoped roles system, adding 133,000 lines of code, removing 32,000, and delivering a 27% performance improvement on permission enumeration calls — a meaningful infrastructure change for enterprises with thousands of accounts. Currently, enterprise-only with audit logs, billing reports, and additional org-level roles on the roadmap, with expansion to pay-as-you-go customers planned in the coming months.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F04%2F07%2Fanthropic-mythos-ai-model-preview-security%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/x2Uxl8G2s6ZwbKUedpyREpJpoFBXNqGlJcUGuuyA1zw=452">
<span>
<strong>Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Anthropic is giving 12 partners, including Apple, Microsoft, Amazon, CrowdStrike, Cisco, Palo Alto Networks, Broadcom, and the Linux Foundation, early access to its new Mythos model for defensive code review across first-party and open source software. The model has already flagged thousands of zero-days, some 10–20 years old, and follows a data leak that exposed Mythos' existence, plus separate source code and GitHub takedown incidents.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F04%2Fheres-why-its-prudent-for-openclaw-users-to-assume-compromise%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/p4mQPiJNra1suS7CFcFearBvzs1UZTvTsOXFC53sgoA=452">
<span>
<strong>OpenClaw gives users yet another reason to be freaked out about security (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenClaw recently patched CVE-2026-33579 (CVSS 8.1–9.8), a flaw that allowed anyone with the lowest-level pairing permission to silently escalate to full admin access without user interaction. Patches dropped Sunday. The CVE wasn't published until Tuesday, giving attackers a two-day head start. Blink found 63% of 135,000 internet-exposed instances were running without authentication.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fengage.broadcom.com%2Fmainframe-bigironbits%3Futm_source=TLDR%26utm_medium=Paid%26utm_campaign=Tldr-IS-Apr/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/lZOWGCsxWpDuZp9btbtn-slXtR7G_Mik-DG9qzsgtqk=452">
<span>
<strong>Big Iron Bits: The mainframe mockumentary you never knew you needed (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
From myths to mainframe mastery, office chaos meets clarity in Big Iron Bits: a Myth Busting Mainframe Mockumentary. Laugh, learn, and see why the mainframe is thriving.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fengage.broadcom.com%2Fmainframe-bigironbits%3Futm_source=TLDR%26utm_medium=Paid%26utm_campaign=Tldr-IS-Apr/2/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/fVgvFSuDbv0XdSBA_Yx8ctFpQl_-XJUqJ1l5SJnUqq4=452" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Watch every episode free</strong></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fmissile-alert-phishing-iran-us-israel-microsoft-logins%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/FuUMqRsrmLJ9vShjn2SPh1nH9Akz6KuBnBrpdM-Ytug=452">
<span>
<strong>Missile Alert Phishing Exploits Iran-US-Israel Conflict for Microsoft Logins (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cofense's PDC detected a phishing campaign impersonating the Ministry of Interior and Civil Defense.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FWv7Vge/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/zEvkijIA6OBJMlgzzlRSQWTRbCieKCLVCc5flLZxqQs=452">
<span>
<strong>White House Seeks to Slash CISA Funding by $707 Million (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The Trump administration proposes cutting CISA's FY2027 budget by $707 million, to about $2 billion, framing it as a shift back to protecting federal networks and critical infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F04%2F06%2Fai_agents_cups_server_rce%2F%3Futm_source=tldrinfosec/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/fdCjfdtx9uH330kqb5Epw5l-8IbuX3xOn8my8iF-88E=452">
<span>
<strong>AI agents found vulns in this popular Linux and Unix print server (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers used automated agents to uncover two CUPS 2.4.16 bugs, CVE-2026-34980 and CVE-2026-34990, that chain from unauthenticated RCE as lp to arbitrary root file overwrite over the network.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/mydEPfv0WGBo54_kOZa4EnxvK2VrT2syaIeqCLDUWq4=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/qrC20Cu7Y4_HCi1EFv2aFIoJhj5b57bScqL-cSaubSY=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/-Hp7eEEdq5BoTv6cXHRJEAXvbbO4J1oT9jGnpMaEkxI=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/HifzWQ_Xu3k4bkTwrNmD6PBfduspy7iPGpUhAEl3Gm8=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/JUbakU02-kqJcZwyWatTF8hZ9XjdDQEq6JORcpo_2AU=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/dc3ZExnecTKxy3w_c9uD0ky-Qe8VGu0KAhi2uJMQG2w=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/KW-ws4ZzOlE8XNKsUikv67CxJJEaUD04bJgG0YbIKwc=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/ZlSVPweAA8qdxEylR9ibs25BhaB_omIX4eOsY65tVD0=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/P5C2Q69dwnTkruNYSIvsJlYZyxj67Z3AJiRS8l__jNU=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/mh1b1rmRz3nTCVqHyuAunia9rfVL5ax-OJ73rgowiIY=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=a8311a0e-330a-11f1-813f-c98c642307a2%26pt=campaign%26pv=4%26spa=1775653373%26t=1775653691%26s=4112171aac4bf30742b6bac0227d1a44acc2bf4de388872bb840b76f3f557a41/1/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/dhL3A5bKeqwkL2OyAb2ACzc5zMlV7ytAfAXAMOppZ3U=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019d6d351ef6-ee40f732-408b-401d-b07d-e1b98d993f66-000000/5wvaoJA-95Uq9krf7eBqU-BySpUW8oOS7B3A5-JM5FE=452" style="display: none; width: 1px; height: 1px;">
</body></html>