<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">CISA added CVE-2026-45659 (CVSS 8.8), a deserialization-of-untrusted-data RCE in SharePoint Server Subscription Edition β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/wKOaTk_Q8uy1XWA6s64zQtmS1gKrHqRLK41KaUWQfgw=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/SLf13CDM4n-O2BI3mmf5-nN1EgV8Z9XpWPqANPM7hvk=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=759d6e9a-769d-11f1-b4df-810be0ce94d4%26pt=campaign%26t=1783083989%26s=7fac911aa34a49c8f5c7fd8d5ceb536dc6e158988f363e0365b142035a38e21e/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/laH8wgtpAk1Cw06azUup7iJiNNYiq5_srkv_iB_mic8=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FNVpecD%3Futm_source=TLDR%26utm_medium=newsletter%26utm_campaign=2026-07-03_Primary_Intruder%2BSystems%2BLtd%26utm_content=header_1_4_organizations/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/bWsFXChy9gpLRv-1HqcWy2CpmY1rAcpdti8MCTyRPHI=452"><img src="https://images.tldr.tech/intruder.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Intruder"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-07-03</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FNVpecD%3Futm_source=TLDR%26utm_medium=newsletter%26utm_campaign=2026-07-03_Primary_Intruder%2BSystems%2BLtd%26utm_content=header_1_4_organizations/2/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/obwabbmE8abP9SndGO_iSo5twi_Z04BYWx0fJZ8-KPY=452">
<span>
<strong>1 in 4 Organizations Have Exposed MySQL Databases (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Most teams would be surprised what's still open on their own network. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FNVpecD%3Futm_source=TLDR%26utm_medium=newsletter%26utm_campaign=2026-07-03_Primary_Intruder%2BSystems%2BLtd%26utm_content=body_intruder/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/Y8B1gr4C4yGQ6JAyYyzzfRohFbFwcxZLUV5TbrFUdhw=452" rel="noopener noreferrer nofollow" target="_blank"><span>Intruder</span></a> analyzed 3,000 organizations and found attack surface that simply shouldn't be there β and with time-to-exploit down to a day, it's a problem worth fixing.
<p></p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FNVpecD%3Futm_source=TLDR%26utm_medium=newsletter%26utm_campaign=2026-07-03_Primary_Intruder%2BSystems%2BLtd%26utm_content=cta_whats_2026_attack/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/qpnNV4NGDqzBLP0N-x4_bGw-ZDnuUTPSncv1W997hH0=452" rel="noopener noreferrer nofollow" target="_blank"><span>See what's in the 2026 Attack Surface Management Index β no email needed</span></a><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FNVpecD/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/W4azw1vByvkVSnoWbPzthv6ZlRR6OM_XFbuQTtrX2nE=452" rel="noopener noreferrer nofollow" target="_blank"><span>.</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F07%2Fsharepoint-rce-cve-2026-45659-added-to.html%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/4XmL3QS2c2-9Am6v0RzygYQ7w5vCbGOAXnmpPoRflS0=452">
<span>
<strong>SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CISA added CVE-2026-45659 (CVSS 8.8), a deserialization-of-untrusted-data RCE in SharePoint Server Subscription Edition, SharePoint Server 2019, and SharePoint Enterprise Server 2016, to its KEV catalog after confirming active exploitation, though Microsoft rates exploitation as "less likely" and the threat actor remains unidentified. Any authenticated attacker with only Site Member permissions could trigger the flaw for remote code execution, no elevated privileges required. Microsoft patched the issue in May. FCEB agencies were ordered to remediate by July 4. Defenders elsewhere should prioritize patching and audit for anomalous authenticated activity on internet-facing SharePoint servers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2Fsecurity%2F2026%2F07%2F02%2Fpacemaker-manufacturer-medtronic-warns-patients-cybercrooks-may-have-swiped-health-data%2F5265768%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/Q3R3dv5-SwpACGwEjNPib5tZMUyG98jzpB2EYSELYtw=452">
<span>
<strong>Pacemaker manufacturer Medtronic warns patients cybercrooks may have swiped health data (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Medtronic found unusual network activity in midβApril and later confirmed intruders accessed corporate systems for six days, exposing patient identifiers, contact details, Social Security numbers, and health data used for device support and regulatory compliance. The company says devices still operate safely and has offered credit and dark web monitoring, but has not clarified how attackers got in or how many patients are affected.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.catonetworks.com%2Fblog%2Fduneslide-two-critical-rce-vulnerabilities%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/nddREYXr_gy9mM6hX14WUOcJTgzGG4KNQGIA-CJBboQ=452">
<span>
<strong>DuneSlide: Two Critical RCE vulnerabilities via Zero-Click Prompt Injection in Cursor IDE (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cato AI Labs uncovered two 9.8 CVSS remote code execution flaws in Cursor IDE, tracked as CVE-2026-50548 and CVE-2026-50549, that let zero-click prompt injection delivered through an untrusted MCP server or poisoned web result escape the terminal sandbox and achieve full system compromise. The flaws stemmed from two independent architectural gaps, working directory parameter manipulation and a symlink canonicalization fallback, that let an LLM agent be steered into overwriting the cursorsandbox binary, showing how prompt injection reached beyond the LLM layer into classical vulnerability classes not previously treated as part of the coding agent attack surface. Cursor initially rejected the report on the grounds that its threat model excluded MCP server misuse, then reopened it on escalation and shipped fixes in the Cursor 3.0 client, with Cato framing the case as evidence that autonomous command execution in coding agents needs systemic rather than one-off protection.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fphantom-squatting-hallucinated-web-domains%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/czAJ4cFZeAROPyYKkS_nHxVKImkZFMnRCtMoAEVQNnY=452">
<span>
<strong>Phantom Squatting: AI-Hallucinated Domains as a Software Supply Chain Vector (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Unit 42 mapped 913 brands across two LLMs, generating 2.1 million URLs, of which 13,229 resolved to confirmed malicious infrastructure and roughly 250,000 collapsed into unregistered "phantom domains." Adversarial exploitation windows of 18β51 days between hallucination and registration gave defenders lead time via proactive watchlisting. In the flagship case, an attacker built the Montana Empire phishing kit with an AI coding assistant, targeting a domain Unit 42's pipeline had flagged 23 days earlier. A second campaign spoofing a national postal service delivered a malicious APK 51 days after prediction. Defenders should treat LLM-generated URLs as untrusted output requiring independent verification, register high-risk brand domain permutations preemptively, and monitor DNS registration event streams for known hallucination patterns rather than relying on reputation-based blocklists, which fail against zero-history infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsoatok.blog%2F2026%2F06%2F30%2Fsoatoks-informal-guide-to-threat-models%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/lWPCAS-DDUagm6dU7CYcnkpJqfhzVTxxh6PWL0-td8Q=452">
<span>
<strong>Soatok's Informal Guide to Threat Models (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A robust threat model defines protected assets, identifies plausible adversaries, maps attack paths, and specifies mitigations while explicitly documenting asset relationships, assumptions, and deliberately out-of-scope threats. Treating threat models as living documents enables continuous refinement as systems and threat landscapes evolve, particularly in decentralized ecosystems like the Fediverse, where key transparency mechanisms introduce unique trust dynamics. Defenders should iterate on models regularly, validate assumptions against real-world telemetry, and align controls with the specific risk posture of their environment.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flabs.watchtowr.com%2Fits-37oc-and-all-we-can-think-about-is-coldfusion-adobe-coldfusion-security-bulletin-apsb26-68-cve-bonanza%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/FjoGPsXLJGUZrN4O69K32kdS2PH-XAMg76dsmTCnQmA=452">
<span>
<strong>It's 37oC, And All We Can Think About Is ColdFusion (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Adobe ColdFusion 2023 and 2025 received a large security update fixing multiple remote file read and write flaws in the RDS FILEIO service, which can lead to unauthenticated remote code execution when RDS is enabled and authentication is off. This post walks through the RDS RPC format, shows how weak path handling allowed arbitrary filesystem access, and explains how new canonical path checks block traversal. It also details unauthenticated file upload and directory listing issues in the CKEditor file manager that run as NT AUTHORITY\SYSTEM when uploads are enabled.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FkoYAD4/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/Wd6GrTUX9iMAz2czkM41GkphrYkpR_Z4JTQ__kJ4zW0=452">
<span>
<strong>Signal and Cloudflare Deploy Post-Quantum Cryptography to Preempt Quantum Threats (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Signal and Cloudflare have completed a coordinated migration to post-quantum cryptographic algorithms, securing their encrypted communications against future quantum computing attacks that could break traditional public-key cryptography. This deployment disrupts the attacker kill chain at the cryptographic negotiation phase, eliminating reliance on RSA and ECC, which are vulnerable to Shor's algorithm on a sufficiently capable quantum computer. Defenders should prioritize inventorying cryptographic agility in their systems and planning for NIST-standardized post-quantum algorithms to mitigate Q-day risks before quantum decryption becomes feasible.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Falexgreensh%2Frepo-forensics%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/I_PlUR8wsMrTSSZbKgZn4GomYzIYQEPGDxa3dkoOvvc=452">
<span>
<strong>Repo-forensics (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Offline security scanner for AI-agent repos, skills, plugins, and MCP servers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fbadkeys%2Fbadkeys%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/bSwmjdDlBDVJOwgqKU6Qllo7XH2WKDUEUAFVfr5V80o=452">
<span>
<strong>badkeys (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
badkeys checks public keys in PEM, X.509, CSR, and SSH formats against known cryptographic vulnerabilities. Installable via pip or run directly from the repository, it supports direct SSH/TLS host scanning alongside local file scanning.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="mailto:infosec@tldr.tech?utm_source=tldrinfosec">
<span>
<strong>TLDR is hiring a curator for TLDR Infosec! (TLDR Curator, ~5 hrs/week)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Over 400,000 subscribers read TLDR Infosec to stay on top of the latest in cybersecurity, vulnerabilities, breaches, threat research, and security tools. If you work in security and want to help curate it, send your LinkedIn or resume to <a href="mailto:infosec@tldr.tech" rel="noopener noreferrer" target="_blank"><span>infosec@tldr.tech</span></a>!
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F07%2Fgoogle-disrupts-netnut-residential.html%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/MNkDzrypoHQ2HEZlqR-tEOSKCDaooGBXWF5Zndk2ZR0=452">
<span>
<strong>Google Disrupts NetNut Residential Proxy Network Spanning 2 Million Home Devices (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google and its partners have sharply reduced NetNut, a residential proxy network tied to at least 2 million home devices, many of which run hidden code from free apps or cheap hardware. Attackers used these exit nodes for password-spray campaigns and to move into home networks, with overlap to Mirai and Badbox 2.0 botnets. Google warns that paid βbandwidth sharingβ apps, off-brand smart TVs, and proxy/VPN apps with broad permissions are key risks to watch.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F07%2F02%2Fus-government-says-it-got-hacked-again%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/uJhYU4kSnDMmDWT_xfTQ8JQUOZUHo-rdzuPoybuNL8E=452">
<span>
<strong>US government says it got hacked β again (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
DHS is investigating a breach of its Homeland Security Information Network, used by federal, state, and local agencies to share unclassified but sensitive intelligence and coordinate major events. Hackers accessed HSIN servers in late May and early June, prompting isolation of affected systems and a forensic probe. Data exposure could reveal surveillance-related personal information and operational details for events like the World Cup and past emergency responses.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdeveloper.nvidia.com%2Fblog%2Fhardware-rooted-ai-security-that-wont-slow-you-down%2F%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/LfF9Fe5TXoZhaHTGwpDAQCHyZPG4DoK8_o0za4wx7DY=452">
<span>
<strong>Hardware-Rooted AI Security That Won't Slow You Down (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
NVIDIA's Confidential Computing (CC) architecture for Blackwell GPUs uses a hardware-fused private signing key and remote attestation via NRAS to protect model weights and data during inference without exposing secrets to the host system. Benchmarks on an HGX B300 running Qwen 3.5 397B-A17B showed that CC delivered up to 98% of non-CC throughput across concurrency levels from 4 to 256, with overhead primarily due to secure work submission latency and encrypted host-to-device bandwidth limits. Optimizations cited included FlashInfer's GPU-timer-based autotuning, SGLang's async D2H copy worker, and piecewise CUDA graph replay.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FF8kMlU/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/sfnbd6Pg-AkFeuBgNQNuGKdfuJQOalxB_Payul0fvC0=452">
<span>
<strong>New CitrixBleed Vulnerability Exploited Immediately After Public Disclosure (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Threat actors started exploiting NetScaler CVE-2026-8451 within a day of public disclosure, using payloads that trigger an out-of-bounds read in the SAML IDP XML parser and leak memory via the NSC_TASS cookie.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F07%2Fmicrosoft-accelerates-post-quantum.html%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/-W5boKUnuMZzynfo2m90ehob0hd9AJEGsBKBeXL61uI=452">
<span>
<strong>Microsoft Accelerates Post-Quantum Cryptography Shift to 2029 (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft is fast-tracking its Quantum Safe Program to shift critical products to post-quantum cryptography by 2029.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bbc.com%2Fnews%2Farticles%2Fcp8r1798kp7o%3Futm_source=tldrinfosec/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/XiZo3Yvo4-Q6Hp1ceD8JkZrdYREbyRqF27W8ck1gS6w=452">
<span>
<strong>Car Tracking Features for 'Convenience Not Security' Warns Kia (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
There is an increasing disconnect between consumer expectations and the reality of connected car tracking.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/60hWTq8CDV2dY2S1hEV8N3Ilu4GOU1mq7pehs-260zQ=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/JKkyr2NOMm1r_6P1PxTAe3oUvIDt_2dIPpcRBkPxPvc=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/Ma4p1WtfICJz3KlgyhnhSpExovy9Xof8qP1M69XyvJw=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/pMGECBOA8A-kKLCprF1_gOx_P22PQuekop7ayMR4-7Y=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/oW6j7PBparvH-5E_HFT7DH_Jb3Nvho5A5JBkzupwxTQ=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/s_G_eOJa2_veoyNZmkaRici8akBdkLDAQQE-EbKpvbQ=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/C-BLEVhY12L1MJ0Xv0QDOEQaIZQRnicwNgxaLH-rTT4=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/UCCzqNLLQ-RzNn3OZYHaUVK5JMhRsr38N-h6qW0kLJk=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/4Z66A7ZzAZXNj_s83y0lPG_7n1S6YJBlwefdZWROVU8=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/aesbwnnmlmzP8UjZJ6F4ce0SPKF83kAvcInEuY-nAJQ=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=759d6e9a-769d-11f1-b4df-810be0ce94d4%26pt=campaign%26pv=4%26spa=1783083673%26t=1783083989%26s=dafb83b9dfead6a72093bba79c02e813e48cf0a2b4c72534b9ee941b52735b1a/1/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/KK_2GhBVVP-MqrPA6T4Yq3Xhu9yCSCLS4MxcXHQpZp8=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019f28167a4d-535cf1d8-14b1-43a5-9ac2-af964f10aedd-000000/TGqfvviJCGzKDX2OoVPmWOoPxH7txrcHa0e-iDVPcDQ=452" style="display: none; width: 1px; height: 1px;">
</body></html>