<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">The Bitwarden CLI was briefly compromised after attackers uploaded a malicious npm package containing a credential stealer </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/LEBKeWpV4xAldr30zUMS8-uPoilMw88m4dLU56Q1Jk4=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/yBbseCP5kE5vwR1aHmFJWahV00cL4S_3v51gLw8iNBA=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=948c4b38-3f92-11f1-a424-d5514a271472%26pt=campaign%26t=1777036055%26s=7a36a8956132cf67bad0b4f713b5100efef01211731d12c886f640fa595a4cbd/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/gaM0ejoVMWUjziyJNtk4FLoCLC8gtyqTahm1oND11w4=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Ftldr%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy26-04-camp-brand-global-prospect-all-x-x-self_fails-tldr_primary_4_24/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/fiTQWrfjd6xhRST4RjJXVXDwbzIBBraLaUFcZ7LxMzU=452"><img src="https://images.tldr.tech/huntress.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Huntress"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-04-24</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Ftldr%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy26-04-camp-brand-global-prospect-all-x-x-self_fails-tldr_primary_4_24/2/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/rNXaskABEYEVv3pALfIiNQbx0tZuRT-R-3d_2qPLo6Y=452">
<span>
<strong>Why are big security vendors ignoring 99% of companies? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Enterprise vendors love to design security that only works if nobody ever clicks the wrong link. But real teams self‑fail all the time—and that's exactly what cybercriminals are counting on.<p></p><p>With cybercrime hitting businesses of all sizes and industries, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Ftldr%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy26-04-camp-brand-global-prospect-all-x-x-self_fails-tldr_primary_4_24/3/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/FXgUOFS7HGg8Z6D6i6Bmd8k6jv5YXKpN61E3DdP6_74=452" rel="noopener noreferrer nofollow" target="_blank"><span>Huntress</span></a> delivers security for the 99%.</p>
<p>The <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Ftldr%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy26-04-camp-brand-global-prospect-all-x-x-self_fails-tldr_primary_4_24/4/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/rCsKLFOTpeUr_ogS-qoRkh-ade1_kgNRVDjeBbx-cZ8=452" rel="noopener noreferrer nofollow" target="_blank"><span>Huntress Managed Platform</span></a> is custom-built security for endpoints, identities, people, and more, all managed for you 24/7, at a startup-friendly budget. And they'll deliver results like:</p>
<p>✅ 8-min MTTR (EDR) </p>
<p>✅ 3-min MTTR (ITDR) </p>
<p>✅ <1% false positives</p>
<p>✅ 98.8% global CSAT score</p>
<p>You don't need perfect users—you need a platform and SOC that turns everyday self‑fails into near misses instead of crises.</p>
<p>Wreck hackers, not your security budget.</p>
<p>Rated 4.9/5 on G2.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Ftldr%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy26-04-camp-brand-global-prospect-all-x-x-self_fails-tldr_primary_4_24/5/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/hosjYLiV5PEFmwnWTuikdGkvQAhdq__1Wp7AwkMwddI=452" rel="noopener noreferrer nofollow" target="_blank"><span>Schedule a demo to learn more</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F04%2F23%2F500k_biobank_volunteers_data_listed%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/ij05GU89odp36-p0VOTLainB4I5k17C1ovA49yeaDcA=452">
<span>
<strong>Medical data of 500k Biobank volunteers listed for sale on Alibaba, UK minister reveals (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Data on 500,000 UK Biobank volunteers was found listed for sale on Alibaba by an unknown source, apparently after three Chinese research institutions downloaded bulk datasets against contractual rules. UK Biobank revoked their access, suspended all platform access, capped export file sizes, and will deploy automated checks on data exports. Exposed fields include demographics, socioeconomic status, lifestyle, and rich biomedical markers, raising re-identification risk even without explicit identifiers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F04%2Fmicrosoft-issues-emergency-update-for-macos-and-linux-asp-net-threat%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/A9ajFqEUGb4SOZmNYGIv-bbE-tySt6apvEc4Khyd8D0=452">
<span>
<strong>Microsoft issues emergency update for macOS and Linux ASP.NET threat (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft rushed a fix for CVE-2026-40372 in Microsoft.AspNetCore.DataProtection, which lets unauthenticated attackers forge HMAC-backed authentication payloads and gain SYSTEM-level access on non-Windows ASP.NET Core deployments. Admins must upgrade to version 10.0.7, rotate the DataProtection key ring, and then rotate any long-lived tokens or secrets issued while vulnerable, since those artifacts can survive patching.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FzyFZJ7/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/xD8DwNhx3XrMmVSuvvBcDlEB-NDyzDIodL_d4A0wSuk=452">
<span>
<strong>Bitwarden CLI npm Package Compromised to Steal Developer Credentials (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The Bitwarden CLI was briefly compromised after attackers uploaded a malicious npm package containing a credential stealer. The stealer attempted to steal a wide range of developer credentials, including npm tokens, GitHub tokens, SSH keys, and cloud credentials. Bitwarden confirmed that the attackers used a compromised Checkmarx GitHub Action and that Bitwarden itself was not compromised.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fautonomous-ai-cloud-attacks%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/KXaTNQwDrBwvCJ8AGnsUmoUgEBrSuiRv2SxrjwIOJFU=452">
<span>
<strong>Can AI Attack the Cloud? Lessons From Building an Autonomous Cloud Offensive Multi-Agent System (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers built a multi-agent penetration testing system called Zealot and pointed it at a vulnerable GCP environment with one clear goal: exfiltrate BigQuery data. Zealot runs a supervisor with three specialist agents for infrastructure, web exploitation, and cloud abuse that coordinate through a shared AttackState. In tests, it moved from network recon to exploiting SSRF on a web app, to stealing a service account token, enumerating BigQuery, escalating via storage.objectAdmin, and finally pulling data out.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FFdrAyn/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/mGGKA8q2t79jBzsiLEAF0feMbmvrUXAuWJzHFQSBhVE=452">
<span>
<strong>Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
China-linked APT Tropic Trooper (aka Pirate Panda, KeyBoy, APT23) compromised a victim's home router to overwrite DNS settings and redirect a legitimate youdaodict.exe dictionary update to an attacker-controlled server in an “evil twin” supply chain attack, delivering a Cobalt Strike beacon bearing the group's signature watermark 520 via a trojanized .xml payload. Itochu and Zscaler ThreatLabz researchers decrypted five .dat payloads exposing fresh tooling, including DaveShell, Donut loader, Mythic-framework Merlin and Apollo Go RATs, and a custom Go backdoor dubbed C6DOOR, alongside an exposed S3 bucket hosting 48 files with Signal-impersonating phishing pages targeting Chinese-speaking individuals in Japan, Taiwan, and South Korea; a parallel Zscaler campaign observed a trojanized SumatraPDF binary deploying AdaptixC2 and VS Code. Defenders should audit SOHO router firmware and DNS configurations for unauthorized changes, ingest the Zscaler ThreatLabz IOC list, and hunt endpoint telemetry for Cobalt Strike beacons carrying watermark 520.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.rilian.com%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/Et9b59CVyXTjhOYbn8vJzFhHQh33Vt26pPN82h-3w-I=452">
<span>
<strong>Rilian (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Caspian is the security orchestration platform underpinning Rilian. It lets government, critical infrastructure, and law enforcement teams integrate tools, automate workflows, and run autonomous cyber defense across cloud, on‑prem, air‑gapped, and regulated environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fsafedep%2Fpmg%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/53mzH0exBAXA3mgouVNy_P6Tbgi0h6xUBqa07p-Pkzw=452">
<span>
<strong>Package Manager Guard (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Package Manager Guard (PMG) intercepts package installs and checks them for malware before code executes.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Frex-rs%2Frex%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/U9EZif3Ywf9Q3RhWcvD1CXGQSLJqLT8AXXWoJukOJ7o=452">
<span>
<strong>Rex Kernel Extensions (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Rex is a safe and usable kernel extension framework that allows loading and executing Rust kernel extensions in place of eBPF.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F04%2F23%2Fsurveillance-vendors-caught-abusing-access-to-telcos-to-track-peoples-phone-locations-researchers-say%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/Iafq3EyKrTYHw9f12yWTkgu1Y1Ys9s2A9EVihH26d9A=452">
<span>
<strong>Surveillance vendors caught abusing access to telcos to track people's phone locations, researchers say (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Citizen Lab documented two long‑running campaigns where unnamed surveillance vendors posed as legitimate carriers to abuse SS7 and Diameter signaling and SIM-level SMS to geolocate targets worldwide, routing operations through 019Mobile, Tango Networks UK, and Airtel Jersey/Sure infrastructure, with SIMjacker‑style attacks used against at least one high‑profile target.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theverge.com%2Fpolicy%2F916758%2Fanthropic-mythos-preview-cisa-left-out%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/ByD0IXmK2MTDsEM9K0FDh2cWEDB3xE0URL7lExIBpeg=452">
<span>
<strong>Anthropic's Mythos rollout has missed America's cybersecurity agency (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Several US agencies, including Commerce and the NSA, are testing Anthropic's Mythos Preview model to hunt vulnerabilities, but CISA has reportedly been left out, even as the Trump administration cuts its staff and budget, limits its hacking detection resources, and redirects personnel to immigration work.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F04%2F20%2Fanthropic_claude_desktop_spyware_allegation%2F%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/by9oZ8h-o0h6dzPsjpWo3w1fj61n3gKhi6al1JhJVPE=452">
<span>
<strong>Claude Desktop Changes App Access Settings For Browsers You Don't Even Have Installed Yet (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Upon installation, Claude Desktop pre-authorizes itself to access various browsers for automated operation. It does this by using Native Messaging and will pre-authorize the browsers without any user permissions, even if they aren't installed yet. This behavior is in violation of EU privacy laws.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FmFsqfL/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/AsyHqvHtkLSDceHKXuyp2RX7zQCkdUDFnaVkmsyX7Y4=452">
<span>
<strong>Seiko USA Website Defaced as Hacker Claims Customer Data Theft (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Seiko USA's “Press Lounge” page was defaced with a ransomware notice claiming attackers breached its Shopify database and stole customer info, order history, and shipping data (but no financial data).
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnltimes.nl%2F2026%2F04%2F22%2Fcosmetic-brand-rituals-latest-company-report-hack-client-data-stolen%3Futm_source=tldrinfosec/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/P5G9s0cIlZ_4FvA56Z7eeCp-gYx8Lfk8nU6UQ_y3kg0=452">
<span>
<strong>Cosmetic brand Rituals the latest company to report hack; Client data stolen (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Rituals suffered a data breach that exposed customer names, contact details, gender, and birth dates (but no passwords or payment info).
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/cHmRY7q8IgL5wWZCsyMnYUY63CcjwMut--RcPofH4u8=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/tRbDT18CuMpfsj-oaJ09Z6VuK8zw5YgBbViJOLNnC6E=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/6qxJo5Rtzsl3uIEsyNI6UJsmhBfrFKdUtp3RmhnuwM8=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/kkksKH5yTNsUvY5IZME57BtWCC-hmuKgOF-6YRhRXnk=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/W-ymZbUwsejZl12wVtFj1cKUczfmG1Noab6yKp9tNVM=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/SZ9oHkeSvqORRkZBHBQ8NCXB9zHelooYe6O8y86alg4=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/_fLxl2O0g1UKsPs68sz8ctgV3diyMC6xoNEKZG3604c=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/22G0-GagREBIXNHRF-y0XYMiQkeyP0R__Wd-yAgd9so=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/JlnLF_w9Q2Rdn7sDgjEL2r-8EuKEuI0trYoyXSLip4Y=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/WJXvru62XxiP-1kt9quxNByM_IilWrSxOlpjF_A_ynk=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=948c4b38-3f92-11f1-a424-d5514a271472%26pt=campaign%26pv=4%26spa=1777035740%26t=1777036055%26s=0dd0fc725fc002f79c1d8d855b105db71bae2d1f9142b0d01de8dcab1389f829/1/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/cVv2j3CKt5owBFv4aJHjwTjzP_xgtrwof3AN9g4kBFQ=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019dbf9a53ef-b8fbc478-4cea-4edd-8bff-fdd47717fe38-000000/M7i1kM1Ay39sIxDkgxgTT5x6iR9oiEXS0VHktuiFyDw=452" style="display: none; width: 1px; height: 1px;">
</body></html>