<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Several UK government officials’ email accounts were compromised due to exploitation of the FortiBleed vulnerabilities. Emails and passwords </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/4eF_7UMsTmtQ2IY1pwN2WbVCX_BCvFxA2K4tmH7EL5c=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/RegZIj9TVKbvwvT6NS_4asYswyFIhWcKOawMcgsNcbI=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=9bc6236e-79db-11f1-abd5-97b94215f42e%26pt=campaign%26t=1783429626%26s=3d2ad71777e11d14d83605a408eaf25cff8143885a551c570422af92a483c624/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/wgVeKHilpBDQpFt_UW2KR1N4i4FNcuPoVkTmwCUTslg=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-07-07</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F07%2Fnew-skillcloak-technique-lets-malicious.html%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/BhoMABjN6dPn0OBapbh0iDEYdRtr5oR-3zm5Ba7Rvuk=452">
<span>
<strong>SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers show that simple byte changes and a self-extracting packing method called SKILLCLOAK let malicious AI agent skills bypass eight popular static scanners in over 90% of tests, while a sandboxed runtime monitor, SKILLDETONATE, catches most cloaked skills instead.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.telegraph.co.uk%2Fnews%2F2026%2F07%2F05%2Frussian-hackers-steal-government-logins%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/8GSWJnF6g4NOqri7riSf1lw2p_Y30sWWe0namB4b89w=452">
<span>
<strong>Russian Hackers Steal Government Logins (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Several UK government officials' email accounts were compromised due to exploitation of the FortiBleed vulnerabilities. Emails and passwords for the officials are being sold by the attackers on the dark web for $60k. The hack does not appear to be state-sponsored, but the threat actors seem to be Russian speakers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberpress.org%2Fmoody-bible-institute-data-breach%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/TAhxN2B6qCACUyrt-w9VJBa4-yIv5qb0bbRt08zR3v8=452">
<span>
<strong>Moody Bible Institute Data Breach Exposes 2.3M Email Addresses (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Moody Bible Institute, a Christian educational institution, confirmed a breach after the ShinyHunters ransomware group. The data includes dates of birth, email addresses, genders, marital statuses, names, phone numbers, and physical addresses belonging to 2.3M individuals.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securonix.com%2Fblog%2Fveildrop-blogspot-hosted-powershell-loader%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/z-VkJptYmOsISnooObejgZMwDzJKriD3iyV5wjBN3mk=452">
<span>
<strong>Veil#Drop: Blogspot-Hosted PowerShell Loader Delivers PureLog Stealer Through XOR-Encoded In-Memory .NET Payloads (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Veil#Drop is a multi‑stage PowerShell‑based framework that starts from a JavaScript file disguised as a document, then uses Windows Script Host to launch PowerShell with execution policy bypassed and pull further stages from attacker‑controlled Blogspot pages. Payloads are XOR‑encoded, decoded only in memory, and reconstructed into .NET assemblies that are loaded via reflection without touching disk. The campaign relies on compromised websites, document‑style multi‑extension filenames, LOLBIN‑based execution fallbacks, decoy content, cleanup of the initial launcher, and finally deploys PureLog Stealer to grab browser credentials, cookies, crypto wallets, and other user data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FudLvab/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/t2Oo_k70_nGp0FjqGVVHWt0dM_3LEvRBBahr8PQfoZ8=452">
<span>
<strong>You Are Not Where You Think You Are, Opera Browsers Address Bar Spoofing Vulnerabilities (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Renwa documents several address bar spoofing bugs across Opera GX, Opera, Opera Touch, and Opera Mini on desktop and Android. Techniques include abusing intent URLs and data URLs, silent installation, and upgrading of GX Mods into extensions that can spawn chrome.windows popups without a URL bar, and mis-handled Google search redirects that rewrite the visible URL while serving attacker content. Other issues misuse custom schemes and fullscreen mode to freeze or hide the real address bar. All reported flaws were fixed and rewarded through Opera's bug bounty.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkanenarraway.com%2Fposts%2Fagent-identity-models%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/QpmNLyqgEMyutmqRqZ7-_8UEIo91GqWAXd7c-J19y9U=452">
<span>
<strong>Three Ways to Give an AI Agent an Identity (17 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
There are three primary paradigms for granting AI agents an identity: borrowing the user's identity, granting the agent its own token/API key, and giving the agent its own identity. On top of any of these models, there is a layer of plumbing such as Okta Cross App Access, agent control planes, or SPIFFE/SPIRE. Cloud providers are offering the third model as a service.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Famruth-sn%2Fkong%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/sLB5DpRP1w7UXsGkvoj7BvW2tcGTh2-EbgMfN4oCve0=452">
<span>
<strong>Kong (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Kong applied an agentic pipeline to reverse engineering, using Ghidra's program analysis to build call-graph context before orchestrating LLM-guided decompilation to recover function names, types, and struct layouts in stripped binaries. The tool's semantic synthesis pass unified naming conventions post-analysis, and its agentic deobfuscation stage targeted control-flow flattening, bogus control flow, and VM protection.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fpglombardo%2FPasswordPusher%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/fKoSHYSkIV8mj2r8bSJY-_3J9oWpidgaFiwJiMk82Tw=452">
<span>
<strong>PasswordPusher (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Securely share sensitive information with automatic expiration and deletion after a set number of views or duration. Track who, what, and when with full audit logs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fiimp0ster%2Fdetection-chokepoints%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/UFE2S8LcGDE1jfv4NoL9AYlt888olKVgJdjUwsMA_mI=452">
<span>
<strong>Detection Chokepoints (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A community detection engineering resource organized around invariant prerequisites. Every chokepoint is a condition that attackers can avoid.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="mailto:infosec@tldr.tech?utm_source=tldrinfosec">
<span>
<strong>TLDR is hiring a curator for TLDR Infosec! (TLDR Curator, ~5 hrs/week)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Over 400,000 subscribers read TLDR Infosec to stay on top of the latest in cybersecurity, vulnerabilities, breaches, threat research, and security tools. If you work in security and want to help curate it, send your LinkedIn or resume to <a href="mailto:infosec@tldr.tech" rel="noopener noreferrer" target="_blank"><span>infosec@tldr.tech</span></a>!
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwords.filippo.io%2Fvuln-reports%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/OcGdcd4O-IN_Wy7SjDJXAObuUcLzUDPrDEas8nyF1X8=452">
<span>
<strong>Vulnerability Reports Are Not Special Anymore (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Vulnerability reports have lost the special status they once held as LLMs now let both defenders and attackers surface security issues at similar rates, eliminating the scarcity of insight that justified prioritizing coordinated disclosure. The operational bottleneck has shifted from finding vulnerabilities to triaging the flood of LLM-generated reports, many of which are technically valid but carry unclear real-world impact. Some especially high-severity or high-trust reports would still warrant special handling, while the broader population of reports would need to be treated like regular issue-tracker submissions.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F07%2F06%2Fcanadian-spy-agency-says-it-hacked-drug-traffickers-extremists-and-a-ransomware-gang-last-year%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/RTnrC1hP9VONeQZgD2-u8FobUP28ipszz9Uoa3o6-NM=452">
<span>
<strong>Canadian spy agency says it hacked drug traffickers, extremists, and a ransomware gang last year (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Canada's CSE describes three foreign hacking operations and one defensive action. It disrupted fentanyl chemical brokers, weakened an extremist group's online recruitment, and shut down a ransomware-as-a-service gang, wiping data from its servers. It also ran technical disruptions against 10 major ransomware groups and broke up a phishing campaign hitting Canadian government systems.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.itnews.com.au%2Fnews%2Fmicrosoft-device-telemetry-key-to-unmasking-alleged-scattered-spider-hacker-627148%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/koT_EL_Qb-VBjg7zPJTCKf_l0he_1CjbBfJxllZ1Gis=452">
<span>
<strong>Microsoft device telemetry key to unmasking alleged Scattered Spider hacker (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
FBI investigators identified 19-year-old Scattered Spider suspect Peter Stokes largely through a Microsoft global device identifier (GDID) that survived his VPN and ngrok tunneling, then cross-referenced its IP history against Snapchat, Apple, and Facebook login logs to tie him to a US$8 million ransom demand and broader conspiracy charges under the FBI's Operation Riptide.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FsjE4nm/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/T-1iOdBYpBwJ_52XUHnGPYyaruoB3QXD-7zod1Zkw3Q=452">
<span>
<strong>Proof-of-Concept Exploit Released for Linux ‘Bad Epoll' Root Access Vulnerability (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A newly disclosed Linux kernel bug, CVE-2026-46242 “Bad Epoll,” is a race-condition use-after-free in epoll that lets unprivileged processes gain root via a PoC ROP exploit.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F07%2F04%2Falibaba-reportedly-bans-employees-from-using-claude-code%2F%3Futm_source=tldrinfosec/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/Jc5e3B34-y4cn0QifnKFF4P7reJ4wFAJIx_EbXj410k=452">
<span>
<strong>Alibaba reportedly bans employees from using Claude Code (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Alibaba has reportedly classified Claude Code as high-risk software and instructed employees to switch to its own Qoder tool by July 10.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FnO9lcG/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/YbEvmcmkDI_Mv_5SUTvR5ay7tLG59Bsj9mW4mxv_fxw=452">
<span>
<strong>FFmpeg fixes PixelSmash flaw in widely used video decoder (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
FFmpeg patched CVE-2026-8461 (CVSS 8.8), a heap out-of-bounds write in the MagicYUV decoder enabling DoS across Kodi, OBS Studio, PhotoPrism, and Nextcloud and full RCE on Jellyfin via crafted AVI/MKV/MOV files when ASLR is disabled.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/2ykYzE6r_4tB7qMGYzv4yoEMLp700fcM1Z1cGEFfsWI=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/ixkKUjVvsiG-EYp0kau_ue7lVGzBSCntRnCNzZfhwrY=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/tHFmIBN2Exm6Me_doIGKpQaw_7WsUDlobaO62P3NulE=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/CyEIjvFz8n68-15PHInWutQPNEtEyEK02vBTS5CPX_o=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/XK4NJTMaAXBzM4y3VpVk6ECIKgCc30HZya7ZM9mIXjw=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/a61b61ThNUu2rYNN177eYS0eLz8v61pb3NNBJSRPwZI=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/nv_Ja4Sq0yePp_PXOovwvPk325Yne5Sdlk7uK9_YrZk=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/pP_AsT2RSD91hG-xphJefwTHaFKyayg3iZi7AA6n2LM=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/lQx3xK9_8xCHD5GqnxqvRGc-bfo6y__WCU5XKBbJ78g=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/C7m0Gbb2vL5WPA2m2YOgH2jL08p7LHr9Rtd-jJNfSCA=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=9bc6236e-79db-11f1-abd5-97b94215f42e%26pt=campaign%26pv=4%26spa=1783429304%26t=1783429626%26s=82bdb421007cba43c154a92186c0f2808afe19985592e7c95cb7fabd4dd8a879/1/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/d8xxbDgJI7foyhjRHHM2Cabwcak29kycLt7FqTIIz7s=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019f3cb07a89-b2f39ac9-4f98-4fb0-bd58-7759cc8aa26b-000000/wk2LqMpEOfgtuUbMAFt2H7MUS_Rx02MLHealUeYPwNQ=452" style="display: none; width: 1px; height: 1px;">
</body></html>