<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">An automated password spray from an IPv6 range controlled by LSHIY LLC pushed over 81 million Azure CLI login attempts between June 12β26 β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/fULIc4O_je7rpMOxvE0guMbD0ONU8alWxOcYJdpyraw=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/uc15AfJaB_uDH_4IV70Tb5B6J_v2_GY3rc98ChdD_Rs=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=9d97e3bc-75d0-11f1-b7df-29e464f9ae3e%26pt=campaign%26t=1782997611%26s=8ca8aaec1021038f4e0617ef7b1c6c7ae1df8ec06f98ce18d5ccbb31b13c37a8/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/wCbddumCt_RVnsYK-YVZIC8r_BAFL5r1UFqvdtDWdNI=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-07-02</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F07%2Fazure-cli-password-spray-hits-at-least.html%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/3nbtmTpylsu8gBzy7TyFjp28i6D9sSEsHq6mejhiJFI=452">
<span>
<strong>Azure CLI Password Spray Hits at Least 78 Microsoft Accounts in 81M+ Attempts (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
An automated password spray from an IPv6 range controlled by LSHIY LLC pushed over 81 million Azure CLI login attempts between June 12β26, compromising 78 accounts across 64 organizations. Attackers abused the deprecated ROPC OAuth flow to bypass misconfigured Conditional Access and weak MFA coverage, using old leaked credentials. Huntress urges strict MFA for all users and apps and limiting Azure CLI access for nonβadmins.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FRK7ACM/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/i1CuGhCpja-SSwEkY3bFVcZyP-l9bWtNSjLnSJyIjkg=452">
<span>
<strong>Attackers Seize Exposed AI Endpoints to Power Offensive Ops (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers are abusing misconfigured Ollama and LiteLLM instances by targeting exposed inference endpoints that often lack authentication or rely on placeholder keys with offensive tooling. Three observed operators used autonomous pentest frameworks and a Codex-based agent to probe, weaponize tooling, and perform Web reverse-engineering via hijacked backends. Defenders should avoid Internet exposure, enforce real auth, inspect request bodies, and monitor abused ports and IPs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.nextgov.com%2Fcybersecurity%2F2026%2F06%2Fhackers-breached-dhs-information-sharing-network-people-familiar-say%2F414534%2F%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/TUoWahP1eeqrkOZSrQx6fpqyS98-d-hrU713sKXSZDs=452">
<span>
<strong>Hackers Breached DHS Information-Sharing Network (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
An unknown threat actor gained access to the DHS' Homeland Security Information Network (HSIN), which is used to communicate with federal, state, local, and industry partners. While the HSIN carries only unclassified data, it still contains sensitive information, including partner requests, operational management, coordination of safety and security for planned events, and the sharing of mission-critical information. The DHS confirmed that no classified systems were accessed.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.synacktiv.com%2Fen%2Fpublications%2Fcaught-in-the-octopus-trap-unauthenticated-rce-in-argo-cd-with-codeql%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/Ud1guq2xkGce_zvM_fpsQzr5s6flIfGg8nWf5e2UpYk=452">
<span>
<strong>Caught in the Octopus Trap: Unauthenticated RCE in Argo CD with CodeQL (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Synacktiv shows how unauthenticated attackers can reach Argo CD's repo-server gRPC endpoint and use crafted Kustomize options to run commands via the kustomize binary, then pivot to Redis to steal credentials and push malicious manifests. They demonstrate exfiltrating the Redis password, abusing cached manifest and git-refs entries to trigger autosync on an evil deployment, and ultimately gaining control of the Kubernetes cluster. They then end with concrete mitigations: lock down repo-server and Redis network access, and ensure Argo CD network policies are actually applied, including when deploying via Helm.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fastral.sh%2Fblog%2Fuv-audit%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/5bSyNRYufIeosQ_dHnDtrwxSUxTldT93Nxgt2oLOEIg=452">
<span>
<strong>Vulnerability and Malware Checks in uv (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
`uv` added two new features to protect against supply chain attacks. `uv audit` is a native feature that is similar to `pip-audit` and can be used to scan dependencies for known vulnerabilities and βadverseβ project status. `uv` also added a new environment variable to add a light malware scan that checks the OSV for any MAL advisories on packages when running `uv add` or `uv sync`.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fslack.engineering%2Fslack-ai-the-path-to-multi-cloud%2F%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/_CrQwib69rgjEX9Bi_ZXPSEskzZquQkKqrMx21qVEtA=452">
<span>
<strong>Slack AI: The Path to Multi-Cloud (17 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
When Slack initially deployed Slack AI, they began with SageMaker and transitioned to Bedrock once it matured. They first used Provisioned Throughput and later added On-Demand in a hybrid routing scheme. Slack then added GCP's Vertex AI platform to expand their access to more models and improve resilience. To support the multi-cloud environment, they built an intelligent router that abstracted away the provider-specific implementation details.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdawnguard.ai%2F%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/YawKXq1ApGKb5uNgsTfuWbmjC2H-heW1V3BFWM14owY=452">
<span>
<strong>Dawnguard (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Dawnguard provides a platform to design secure cloud architectures, generate production-ready Infrastructure-as-Code, and continuously check deployments for compliance and security drift so engineering and security teams share one live architecture workspace.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2F0xjbb%2FModuleStomped%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/Y-5HGvNUP7YjAVQ7l1hg42AZqLMXcVOXwj_aTQnpYFc=452">
<span>
<strong>ModuleStomped (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
ModuleStomped is a PoC that aims to detect module stomped DLLs by checking the pdata section of each module.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fgoogle%2Fsec-gemini%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/mEh6UVxjjH50pRbKUX93jN0JxqdxWEG_Dd6qWHY4YrE=452">
<span>
<strong>Sec-Gemini (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Sec-Gemini is a cutting-edge AI model designed to enhance cybersecurity capabilities and empower defenders in the ongoing battle against cyber threats.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;"> <div class="text-block"><span><a href="mailto:infosec@tldr.tech"><span><strong>TLDR is hiring a curator for TLDR Infosec! (TLDR Curator, ~5 hrs/week)</strong></span></a><br><br><span style="font-family: ;">Over 400,000 subscribers read TLDR Infosec to stay on top of the latest in cybersecurity, vulnerabilities, breaches, threat research, and security tools. If you work in security and want to help curate it, send your LinkedIn or resume to <a href="mailto:infosec@tldr.tech" rel="noopener noreferrer" target="_blank"><span>infosec@tldr.tech</span></a>!</span></span></div> </td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2Fai-and-ml%2F2026%2F06%2F30%2Fsecurity-researchers-tricked-llms-into-giving-them-cocaine-recipes-by-abusing-role-models-for-prompt-injection%2F5264115%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/r6iLEWKOc0ODARdxeMo7VaC5m4ov1zggVFntI2IXY80=452">
<span>
<strong>Security researchers tricked LLMs into giving them cocaine recipes by abusing role models for prompt injection (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers Charles Ye, Jasmine Cui, and Dylan Hadfield-Menell show that LLM βroleβ tags are inferred from writing style rather than trusted metadata and can be spoofed. They designed a Chain-of-Thought Forgery attack that mimics OpenAI's terse system style, wins an OpenAI red-teaming contest, and drives jailbreaking success to about 60 percent, including cocaine synthesis instructions, while humans still reach nearβ100 percent success rates on some safety tests.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FwRb8YJ/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/IIkf6pZOZN3u9YutSde_d7s5a0GzJIxcQzJ9fgTVoTg=452">
<span>
<strong>Adobe Patches Seven Max Severity ColdFusion, Campaign Flaws (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Adobe has released patches for six critical vulnerabilities in its ColdFusion web app development platform and one in its Campaign Classic marketing platform. All of the vulnerabilities can be exploited by an attacker with low complexity and no user interaction to achieve remote code execution. Adobe has not seen any evidence that these vulnerabilities are under active exploitation but urges administrators to patch on-prem deployments as soon as possible.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjoshuasaxe181906.substack.com%2Fp%2Fglm-52-not-mythos-is-the-real-security%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/SInQVJMMzyi_vffnodkvv_fFQ5E-4m3gsYhkHu81_wI=452">
<span>
<strong>GLM-5.2, Not Mythos, is the Real Security Emergency (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
When using frontier models, threat actors need to ensure their accounts aren't banned and to keep up with jailbreaks to bypass guardrails. GLM-5.2 offers threat actors an open-weight model that is competitive with frontier models but can be trivially fine-tuned to remove safeguards. This necessitates shifting the discourse away from denying attackers access to powerful models and toward enabling defenders to access and use them.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F07%2F01%2Fapples-hide-my-email-feature-has-a-bug-thats-been-exposing-real-email-addresses-researcher-claims%2F%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/UE4UEIdUhJyX6jvBFUXNNxo2PzZCpV2rNJg_4L1Hupk=452">
<span>
<strong>Apple's Hide My Email feature has a bug that's been exposing real email addresses, researcher claims (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple's Hide My Email relies on disposable addresses, but there is a bug that lets attackers reveal the real email behind those aliases.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.justice.gov%2Fopa%2Fpr%2Falleged-member-criminal-cyber-hacking-group-scattered-spider-arrested-finland-and-extradited%3Futm_source=tldrinfosec/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/2oE2yxIbLwqdXu0Kq_PElcSh9YAi3VabSt-cKYykcbw=452">
<span>
<strong>Alleged Member of Criminal Cyber Hacking Group "Scattered Spider" Arrested in Finland and Extradited to the United States (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The DOJ has unsealed charges against Peter Stokes, 19, a US-Estonian dual citizen arrested in Finland via Interpol Red Notice and extradited to Chicago.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FRQRNSe/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/MWIzKQ5LowrZd-NjE3wX3_ds12iXyrbXY5lrSoX3h9Y=452">
<span>
<strong>FortiBleed credential-theft campaign linked to Lynx ransomware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
SOCRadar tied the FortiBleed campaign, which harvested credentials from 430,000+ targeted FortiGate firewalls (roughly 11,000 still compromised) via a custom "FortiGate Sniffer" tool and a suspected unpatched Nextcloud zero-day.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/q2WHnYj5eexW2lsd3UVyd533TY_t4eD_GOyOWF8opNw=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/PDb-WPMlXRMwQlclCAJKi_Adoxc_5KQE2e7ZR-6LU58=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/Q1_M2mDghlaIPM51hl2UlDJCs3OobOlaJgA_LrXuLjI=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/WWPUChJV92gGeYldGkBgYFpoP5DIxLCas7J_Bgf7JFI=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/0-AeyZ8mtUIeoVU9_P6_uzAlNKWIa_esD5TWskJONhA=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/Sc4XJul20zN2diVsj93HVW6AztbC67prOsThEGEuQAQ=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/G8MMHtYs319fKwIjavmfcm2pFttqSxGID3zBo-hft5A=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/up1mqHYrDEcjnT_5pFyDpD92ynTO6zdqQXus0IEA4ig=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/PG8TLsjD7lmNO97WRQb-wiBa5jW44m1KCz17A62DWOI=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/OAaPW1pBMWAxGf-u-sgJOYj7HAKRFQiZsic6EwHtD20=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=9d97e3bc-75d0-11f1-b7df-29e464f9ae3e%26pt=campaign%26pv=4%26spa=1782997286%26t=1782997611%26s=fe990fd4b417aaf8137dc2333f3d464ceb012ff7f4600536968e01407f3697c3/1/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/4EiQyOQnaH7ixtcYV15nfAHwtg0gvnodlZY7Pinj8FU=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019f22f072fc-a63dd309-cf30-4c98-9aa1-978cbd9ff50a-000000/vAbEEx-hl2Dx0UlFCcuBqWlbnEeKYR0qP_yljHgYvYk=452" style="display: none; width: 1px; height: 1px;">
</body></html>