<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Anthropicโs Mythos Preview model faced UK AI Security Institute tests on capture-the-flag tasks and a 32-step โThe Last Onesโ network data โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/F_PlRx-vgXRplyesdn2Q1gVPeQhXeh2WCCtWc84EKRw=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/3RTy_AwVZZJB9kVu3Djvrt2tMLMXyMmgmffnT1SEtQM=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=adaa451c-394c-11f1-91ed-47748340cc2d%26pt=campaign%26t=1776344963%26s=5eda8d0d5f5136de01bb8874cff5787cf2f3ca6000767b89cbc1d25513e902df/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/YqX2wxaKzZkL-ibH4fCu_0vEzPeU-RMhtwnfLqFFzRs=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fblog%2Fhow-to-protect-your-organization-from-human-error-and-data-breaches%2F%3Futm_campaign=34103600-TLDR%25202026%26utm_source=tldr_infosec%26utm_medium=email%26utm_content=041526_access-intelligence/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/3SZHG6mHik7l4mXU3mOjd56IRACEE1kIvr9bF-HCwi8=452"><img src="https://images.tldr.tech/bitwarden.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Bitwarden"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-04-16</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fblog%2Fhow-to-protect-your-organization-from-human-error-and-data-breaches%2F%3Futm_campaign=34103600-TLDR%25202026%26utm_source=tldr_infosec%26utm_medium=email%26utm_content=041526_access-intelligence/2/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/EfaG2QWRRlvOw56IQuGGIUh3n2oanmvXwS_DDDvj8Xo=452">
<span>
<strong>60% of data breaches involve human error (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Organizations invest millions in security infrastructure, yet the greatest vulnerability remains the human element. The Verizon Data Breach Investigations Report identifies credential abuse as the single most common initial access vector.<p></p><p>AI is accelerating the problem. AI-assisted phishing emails have doubled over the past three years and are increasingly difficult to detect.</p><p>Bitwarden Access Intelligence protects organizations with:</p><ul><li>Proactive visibility into employee credential health</li><li>Identification of exposed, weak, and reused passwords</li><li>Prioritized remediation guidance pushed directly to end users</li></ul><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbitwarden.com%2Fblog%2Fhow-to-protect-your-organization-from-human-error-and-data-breaches%2F%3Futm_campaign=34103600-TLDR%25202026%26utm_source=tldr_infosec%26utm_medium=email%26utm_content=041526_access-intelligence/3/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/mSa5nlxJTijoow_bX4PMY3V5MEzhORZ8xlfeBHjW9L0=452" rel="noopener noreferrer nofollow" target="_blank"><span>See how Bitwarden Access Intelligence identifies credential risks before they become breaches.</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F6NNlB8/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/J2wOQ8-GkSXBr9GpEoGkxMNwMh6QTw042gJm0eMaVrM=452">
<span>
<strong>GraphQL RCE: The Kill Chain to Cloud Identityโฆ! (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A missing __builtins__: {} restriction in a SaaS platform's Python exec() sandbox allowed a researcher to inject arbitrary code via a GraphQL createUserDefinedFunction mutation, achieving RCE inside a Google App Engine container running Python 3.13. From there, SSRF to the GCP metadata service at 169.254.169[.]254 yielded a signed OIDC JWT for the production service account, resulting in full cloud identity takeover. Defenders should sandbox user-executed code with {'__builtins__': {}}, block metadata endpoint access from user-code environments at the network layer, and isolate execution in zero-trust micro-VMs such as Firecracker or gVisor.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fvhios7/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/z_nLhXUYpR1KlE0NprA2XhaaK9pkqrIggeauOXIVIU0=452">
<span>
<strong>$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A cheap browser plugin infected Windows machines and ran PowerShell to shut down antivirus, stop updates, and stay hidden using scheduled tasks and WMI. It stored future malware in folders that Microsoft Defender ignores by default. A single unregistered update domain could have let an attacker silently push code to about 25,000 computers in 124 countries, including OT, government, healthcare, and big-company networks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FwVMJES/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/0wZe8SkN0MafHK3Ll73AGHu1fkdmJD_wUni00Qta4eo=452">
<span>
<strong>McGraw-Hill Confirms Data Breach Following Extortion Threat (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Following an extortion demand by the Shiny Hunters ransomware group, McGraw-Hill has confirmed that its Salesforce instance was compromised. McGraw-Hill claims that the stolen data was only a limited amount of non-sensitive data that did not include SSNs, financial information, or student data. In contrast, Shiny Hunters claim that the data includes 45M records which include PII.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐ง </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Fblog%2Fgithub-actions-security-threat-model-and-defenses%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/OiQhVVKzTsI-umOcKmj0bB4UGzjaTUrke5u6TIGWOZU=452">
<span>
<strong>Primer on GitHub Actions Security - Threat Model, Attacks and Defenses (Part 1/2) (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Wiz maps the GitHub Actions threat model across three primary attack classes: pull_request_target misconfigurations (the โPwn Requestโ class, exploited in the Trivy supply chain compromise), where fork PR authors manipulate checked-out artifacts to gain execution with base-branch secrets, script injection via unsanitized user-controlled context values like github.event.issue.title or github.head_ref injected into run blocks (the Ultralytics/YOLO XMRig incident root cause), and compromised third-party actions, illustrated by the tj-actions attack, which chained four sequential action compromises to target Coinbase across 22,000 affected repositories. Defenses include avoiding pull_request_target where possible, binding all user-controlled inputs to intermediate environment variables before shell execution, and pinning third-party actions to commit SHAs rather than mutable tags.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fintel.breakglass.tech%2Fpost%2Fkimsuky-chm-nidlog-c2-dump-full-payload-recovery%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/oLCE3dmGRYR11rz5cmVyyMoMoWS0a3f_k6Wpzf4DZVk=452">
<span>
<strong>We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Breakglass Intelligence recovered the complete three-stage Kimsuky (APT43) kill chain after the C2 at check[.]nid-log[.]com was found with directory listing enabled, exposing a CHM dropper that chains hh.exe โ PowerShell โ certutil โ wscript into a fileless VBScript recon payload (bootservice.php), a PowerShell bridge (checkservice.php), and a full keylogger with clipboard monitoring and randomized 100-140 minute exfil via multipart POST to finalservice.php. Two novel endpoints (checkservice.php, finalservice.php), the Global\AlreadyRunning19122345 mutex, typo'd User-Agents (Chremo, Edgo), and a 79-domain infrastructure map across 5 IPs spanning DAOU Technology and LightNode were published for the first time, with cross-campaign links to the previously documented udalyonka/uncork[.]biz cluster. Defenders can hunt for HTTP requests to /bootservice.php?tag=&query=*, responses containing โMillion OK !!!!โ, scheduled tasks named โEdge Updaterโ at PT60M intervals, and Office_Config.xml writes under %APPDATA%\Microsoft\Windows\Templates.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fai%2F2026%2F04%2Fuk-govs-mythos-ai-tests-help-separate-cybersecurity-threat-from-hype%2F%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/2bVdzof1ZC8UoFpcNGmlwKxFO03yFnCTNlYiQ9ja46E=452">
<span>
<strong>UK Gov's Mythos AI Tests Help Separate Cybersecurity Threat From Hype (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Anthropic's Mythos Preview model faced UK AI Security Institute tests on capture-the-flag tasks and a 32-step โThe Last Onesโ network data exfiltration range, where it became the first AI system to complete the full chain in some runs and averaged 22 steps versus Claude 4.6's 16, while still failing a tougher โCooling Towerโ power-plant scenario and operating in ranges without active defenders or realistic detection penalties.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐งโ๐ป</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelinea.com%2Fresources%2Fai-and-identity-security-report-pdf%3Futm_medium=paid-newsletter%26utm_source=TLDR%26utm_campaign=FF-FY26Q2_TLDR_*VisIP%26utm_content=Identity-security-report%26utm_term=Secondary/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/4RBxygqfX4f1Y1X2LjxL7JkLAqSycJMNAg-56BeAPTQ=452">
<span>
<strong>What's driving the AI security confidence paradox? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Delinea surveyed +2,000 IT decision-makers and uncovered a disconnect: Confidence in AI security readiness is high - but security teams are <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelinea.com%2Fresources%2Fai-and-identity-security-report-pdf%3Futm_medium=paid-newsletter%26utm_source=TLDR%26utm_campaign=FF-FY26Q2_TLDR_*VisIP%26utm_content=Identity-security-report%26utm_term=Secondary/2/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/yxV5QYvjixlpkJFvHdZl0fnQVyafVN6-XciM8I7Svz4=452" rel="noopener noreferrer nofollow" target="_blank"><span>struggling to govern AI-related identities</span></a>. Read the report to understand which processes and controls need to catch up with AI realities. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelinea.com%2Fresources%2Fai-and-identity-security-report-pdf%3Futm_medium=paid-newsletter%26utm_source=TLDR%26utm_campaign=FF-FY26Q2_TLDR_*VisIP%26utm_content=Identity-security-report%26utm_term=Secondary/3/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/IhXsIqOPZ6Wmcbpg7X5y0JzuniVDmtoVDHD-Fk2ycK0=452" rel="noopener noreferrer nofollow" target="_blank"><span>Read the full 2026 Identity Security Report by Delinea</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.blog%2Fsecurity%2Fapplication-security%2Fhow-exposed-is-your-code-find-out-in-minutes-for-free%2F%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/nZ8nU89uoI3u6FIImO3ymMLquvNc7Q2gcWeEiPoobXw=452">
<span>
<strong>How Exposed Is Your Code? Find Out in Minutesโfor Free (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
GitHub's Code Security Risk Assessment is a free, no-configuration CodeQL scan covering up to 20 active repositories that surfaces vulnerabilities by severity, language, and rule class alongside Copilot Autofix eligibility. Paired with the existing Secret Risk Assessment, org admins and security managers on Enterprise Cloud and Team plans now get a unified secrets-and-code exposure dashboard from a single entry point, with Actions minutes excluded from quota.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.capsulesecurity.io%2F%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/pSenm4YAiHl15oyye-Z23_lVlJVb0aCae-3xt-jpVmQ=452">
<span>
<strong>Capsule Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Capsule Security monitors AI agents in real time to detect manipulation, abnormal behavior, and data exfiltration, blocking risky commands and exposures across tools and environments while fitting into existing workflows and agent frameworks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FKEyGuE/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/ivd8D9ePHT0m65BaPAXBcsU50-fgjgA6zrt3Vr97AQc=452">
<span>
<strong>Trusted Access for the Next Era of Cyber Defense (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenAI is expanding its Trusted Access for Cyber program to thousands of verified defenders and introducing GPTโ5.4โCyber, a permissive model tuned for defensive tasks like reverse engineering binaries.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.networkworld.com%2Farticle%2F4158139%2Ffixing-encryption-isnt-enough-quantum-developments-put-focus-on-authentication.html%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/CCZ9tlJyAjI2ZJr-yB3KWz5Q_KOHDZhhnxql8iu1HVk=452">
<span>
<strong>Fixing Encryption Isn't Enough. Quantum Developments Put Focus on Authentication (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google research has revised the quantum threat timeline, finding elliptic curve cryptography could be broken with as few as 1,200 logical qubits, prompting both Google and Cloudflare to move their Q-day estimates to 2029. The industry's focus on encrypting data in transit has obscured a more urgent risk: authentication and certificates, where a single compromised quantum-vulnerable key enables full system access and turns software update pipelines into RCE vectors. Enterprises are advised to begin crypto-agility inventories now and treat PQC migration as a dedicated workstream outside normal security operations, given that large-scale migrations can take years.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fhodwx8/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/VUu3kbxQFn_LmtpOEAQVkcXu8K0jdvzskiP-rWbzG_s=452">
<span>
<strong>n8n Webhooks Abused Since October 2025 to Deliver Malware via Phishing Emails (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers register free n8n cloud accounts, create webhook URLs on *.app.n8n.cloud, and embed those links in phishing emails that pose as shared documents. When victims click, JavaScript-driven workflows serve CAPTCHAs, drop malware installers, and deploy modified RMM tools like Datto or ITarian for persistence and C2 access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberpress.org%2Fnew-research-claims-google-microsoft-and-meta-track-users-even-after-opt-out%2F%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/dmlsMXvwuDe73jJRL_hONJYtDUyTg95IBO3eZWLyiDI=452">
<span>
<strong>New Research Claims Google, Microsoft, and Meta Track Users Even After Opt-Out (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A new independent audit by privacy firm webXray found that Google, Microsoft, and Meta continue to track users even after explicit opt-out under privacy laws such as CCPA. The audit examined over 4,000 popular US websites and found that 55% still set advertising cookies despite visitors activating privacy protections.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">โก</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjkcoxson.com%2Fblog%2Frppairing-spec%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/ZEsRuOnaj2hgWy7V9JiO_yLkh9GOV1vhKmrFUD448Qk=452">
<span>
<strong>RPPairing Protocol Specification (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This author reverse-engineered Apple's RPPairing protocol, which is used to establish a secure tunnel to an iOS 17+ device over the network using Remote Pairing.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.nbcnews.com%2Ftech%2Frcna265855%3Futm_source=tldrinfosec/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/KG4ub-v6i9XFSMZa7Q6zABN5bmGF2Miflnw71CAAIE4=452">
<span>
<strong>Musk's Grok AI Chatbot Still Making Sexual Deepfakes, Despite X's Promise to Stop It (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
An investigation by NBC News discovered that Grok is still creating sexualized deepfakes of celebrities and other people without their consent, despite X committing to combat this behavior after public backlash and government investigations.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/OxG56Xkz0Gh61UeVXFlH1f5JgUeFv4qNPr9FIdyerbs=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/2pQt5dwqe-V6LPXhJFBgxS-fh9CDFYn1CXbjplajQN8=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? ๐ฐ
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/4jhXmDuAYZ7DpFZPbp2INGji95NzkB5Y0MGH2V_Mca8=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? ๐ผ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/8YiKPCwHe5NSNhJFFFIH-AHgTpTEP_Nc80YefKjiGmo=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/V4LmukTzQJaufSUQLgsk5mp03teXKbXu_qnxI1VPFJE=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/0-ia-lxq3nfuJOfa6RiiIm19fJ-aaik5Rwrciahn1lo=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/03hRpBXNWVzjBsGusUUf0OOhfjrSsFL7GERFGvmKFOQ=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/L2F0imGHvFezWa7AN402jt4OFNwJj4S8MBU9edCC6m0=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/wqbOxNHW09VuW5nePc7dGOdRxfbRaxMKMri06k3cknw=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/8MKBRfQ4cn3kEPJtVUrbcCF0ziFldgM5-Fw0si60etg=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=adaa451c-394c-11f1-91ed-47748340cc2d%26pt=campaign%26pv=4%26spa=1776344619%26t=1776344963%26s=1d72237088b08d40c3f2ebb2a97d44ac6bb12d2fae571fc16c270debf1b3434b/1/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/j-ZvE3avY1-eASkRjnzlaxjWDeTFg22QTwKakR2VxJQ=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019d96691b62-91334dda-4dda-4bd3-a25a-42db9df1fa33-000000/Vp96-2CYkU2zimLV8zs-gElTDEfxX4lGKyJlzVMcUq8=452" style="display: none; width: 1px; height: 1px;">
</body></html>