<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fresearch%2Fstate-of-email-report-2025%2F%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=state_of_email_report/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/0azBS8BA89YS7MNr090ZHelQdWt13l2Su7IYxJGuy3Q=422"><img src="https://images.tldr.tech/exclaimer.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Exclaimer"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-09-15</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fresearch%2Fstate-of-email-report-2025%2F%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=state_of_email_report/2/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/aEW4rtfnGPZdDbHO7GcJBR6c9YIW5sWGkSNYgRlizyc=422">
<span>
<strong>Email threats are rising - basic defenses still lag (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
<strong>83% of IT leaders have faced email-related security incidents</strong>, and nearly half saw them happen in just the past year. Phishing and spoofing top the list, making email not just a communication tool, but a frontline risk surface. But despite the risk, <strong>only 33% have implemented core protections</strong> like DMARC, DKIM, or SPF. <p></p><p>The disconnect is clear: exposure is rising, but the fundamentals are still missing. </p><p>Exclaimer's latest research reveals how IT leaders are reassessing their defenses and building email into their broader risk posture, without adding more manual work. </p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fblog%2Fmastering-email-security-a-guide-to-protecting-your-inbox%2F%232-other-tools-for-workplace-protection%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=mastering-email-security-blog/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/TepsP6U14T_SyBuhIYSj0-a3W9gKEdplbHkgc5LEL4c=422" rel="noopener noreferrer nofollow" target="_blank"><span><strong>→ </strong></span></a><a class="Hyperlink SCXW250283025 BCX4" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fblog%2Fmastering-email-security-a-guide-to-protecting-your-inbox%2F%232-other-tools-for-workplace-protection%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=mastering-email-security-blog/2/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/Wr-W_81GPx9DVjvsB0l6pvcDwXHwqa9m9lr5zeJoZ24=422" rel="noreferrer noopener" target="_blank"><span>Explore the security trends</span></a></p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fresearch%2Fstate-of-email-report-2025%2F%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=state_of_email_report/3/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/hSL2-A4I6tNBhsh2kPLvdHl_fmxAxJtmNKpgo4EGkbg=422" rel="noopener noreferrer nofollow" target="_blank"><span><strong>→ </strong></span></a><a class="Hyperlink SCXW250283025 BCX4" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexclaimer.com%2Fresearch%2Fstate-of-email-report-2025%2F%3Futm_medium=via-campaign-referral%26utm_source=tldr_newsletter%26utm_campaign=tldr%26utm_content=state_of_email_report/4/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/0Z4l-yGMmGmcJva02HecLc5XOczNOx-osHNarSzY5MY=422" rel="noreferrer noopener" target="_blank"><span>Get the full research</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F182149%2Fmalware%2Fhybridpetya-ransomware-bypasses-uefi-secure-boot-echoing-petya-notpetya.html%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/MP2Zo20eEeIq4vsjoTaazJE66QZNp5yTNIpkWJxR5pk=422">
<span>
<strong>HybridPetya ransomware bypasses UEFI Secure Boot echoing Petya/NotPetya (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The HybridPetya ransomware, found on VirusTotal, echoes the infamous Petya/NotPetya attacks but adds UEFI bootkit capabilities and exploits CVE-2024-7344 to bypass UEFI Secure Boot on outdated systems. Unlike NotPetya, HybridPetya functions as actual ransomware with decryption capabilities, encrypting the Master File Table after compromising EFI partitions and displaying a fake CHKDSK status before showing ransom demands. It is the fourth known UEFI bootkit with Secure Boot bypass capability, joining BlackLotus, BootKitty, and the Hyper-V Backdoor PoC, indicating these sophisticated attacks are becoming more common.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fwhitecobra-floods-vscode-market-with-crypto-stealing-extensions%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/-lByZ90efB3VmNEG7HAH6q8omYWQL7AS1w-XHBMBsu4=422">
<span>
<strong>WhiteCobra Floods VSCode Market With Crypto-Stealing Extensions (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A threat actor named WhiteCobra has been flooding the VSCode marketplace and OpenVSX registry with malicious extensions targeting VSCode, Cursor, and Windsurf users. The extensions contain an extension.js file that is nearly identical to the Hello World example but loads a prompt.js file, which downloads and executes a platform-specific infostealer payload from Cloudflare Pages. An Ethereum core developer reported on X that their wallet was drained after downloading a seemingly legitimate extension with a professional logo, detailed description, and 54K downloads.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fsamsung-patches-actively-exploited-zero-day-reported-by-whatsapp%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/0npvlm7wtQ8dkGQ8TOycIzeg2xAU_-uNFUIzzsTj2rI=422">
<span>
<strong>Samsung Patches Actively Exploited Zero-Day Reported by WhatsApp Devs (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Samsung patched a remote code execution vulnerability that impacted Samsung devices running Android 13 or later. The vulnerability arose from an out-of-bounds write in the libimagecodec.quram.so library, which is used for image parsing. Apple patched the relevant vulnerability in its devices last month after it was also reported by WhatsApp and Meta researchers.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgoogleprojectzero.blogspot.com%2F2022%2F06%2Fcurious-case-carrier-app.html%3Fm=1%26utm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/bHccp5OuEnpHlgNe4YMw-obN3QE1dI-HC1pR5LWt4vk=422">
<span>
<strong>The curious tale of a fake Carrier.app (17 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google Project Zero found a fake carrier app exploiting a heap overflow in Apple's DCP firmware on iPhone 12/13. The exploit bypassed kernel protections by targeting the DCP's weaker security, using a fake Vodafone app distributed via enterprise certificates to sideload malware. The vulnerability (CVE-2021-30983) caused memory corruption through an unbounded loop in display code, allowing attackers to gain kernel access by corrupting C++ objects and manipulating memory between the DCP and main system.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.trendmicro.com%2Fen_us%2Fresearch%2F25%2Fi%2Funmasking-the-gentlemen-ransomware.html%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/FImnTvVIPQEpdSd0WcA3zkbi_1mqmY2WxPyoi_lvq50=422">
<span>
<strong>Unmasking The Gentlemen Ransomware: Tactics, Techniques, and Procedures Revealed (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Gentlemen ransomware group has executed sophisticated attacks across 17 countries, focusing on sectors like manufacturing and healthcare. Their operations use custom tools to bypass security measures, exploit privileged accounts, and deploy ransomware with double extortion tactics. The campaign demonstrates a shift to highly tailored, evasive strategies, raising the bar for enterprise defense and incident response recommendations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FSMuT8l/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/l7WjZo4qOSLlDqFGa31GOleJv0rq0rpGWKKniYT0v7Q=422">
<span>
<strong>Supabase Security Best Practices (2025 Guide) (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This comprehensive guide addresses frequent security pitfalls seen in Supabase deployments, offering precise and practical solutions grounded in recent audits. It covers how components like authentication, database schemas, Edge Functions, storage, and CORS interact from a security perspective, how to secure them with simple, effective policies such as "read-only by default", and how to automate audits and revisit configurations as the platform evolves.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fblog%2Fmeet-ade-the-autonomous-detection-engineer-for-email%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=tldr_newsletter%26utm_content=ADE_launch/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/7qF80_Go0WTQu2dGDT61X-DnA0leEiCjKfDNcreTrWQ=422">
<span>
<strong>AI-powered email attacks just met their match - an AI detection engineer (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Email attacks are evolving faster than security teams can write rules. Sublime's <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fblog%2Fmeet-ade-the-autonomous-detection-engineer-for-email%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=tldr_newsletter%26utm_content=ADE_launch/2/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/Flswb-bXVgm5TbiKOqtDxCIP4-Abd3T457yQ5VmSync=422" rel="noopener noreferrer nofollow" target="_blank"><span>ADÉ</span></a> (Autonomous Detection Engineer) fights fire with fire: while hackers automate phishing and social engineering attacks, ADÉ <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fblog%2Fmeet-ade-the-autonomous-detection-engineer-for-email%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=tldr_newsletter%26utm_content=ADE_launch/3/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/acJwGEw9GDm0A5ARkmORrYCJAKXeKiFGFBA8jrPbsNY=422" rel="noopener noreferrer nofollow" target="_blank"><span>automatically creates and backtests Detection Rules</span></a> in response to missed attacks.
<p></p>
<p>Unlike black-box AI solutions, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fblog%2Fmeet-ade-the-autonomous-detection-engineer-for-email%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=tldr_newsletter%26utm_content=ADE_launch/4/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/0FiFYnAt0ulriF1V_BkCI04kso9vrjxUqF22z81e1-w=422" rel="noopener noreferrer nofollow" target="_blank"><span>ADÉ writes transparent, explainable rules that analysts can understand and verify</span></a>. When attacks slip through, ADÉ analyzes signals, creates or updates rules, validates against historical data, and presents clear logic for human review. It closes detection gaps in hours - and it does so per-environment, rather than with one-size-fits-all rules.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fblog%2Fmeet-ade-the-autonomous-detection-engineer-for-email%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=tldr_newsletter%26utm_content=ADE_launch/5/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/e-RtTYt9V17mOiMobLtCriVd995oJjDhfXl9ESXufnw=422" rel="noopener noreferrer nofollow" target="_blank"><span>Read more on the Sublime Security blog</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fsynacktiv%2FGroupPolicyBackdoor%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/1GUSkwmnYtgFqhg4gDpBS1zOPgV_E7o2L4oHXrWxEGM=422">
<span>
<strong>GroupPolicyBackdoor (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GroupPolicyBackdoor is a tool for Group Policy Objects (GPOs) manipulation and exploitation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fredaccess.io%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/sn0lZTQtKp9oCLF0jqs33GJF6UFfqoBJE0gR8uRHKFw=422">
<span>
<strong>RedAccess (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Red Access provides an agentless security platform that protects web sessions and assets across browsers and apps, enabling secure access, data loss prevention, and visibility for remote and hybrid enterprise environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Frix4uni%2FGarudRecon%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/eVSELlf6D2lO1-Tb3eBM0UDGS3LvfYdinzeLMKXTjrY=422">
<span>
<strong>GarudRecon (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GarudRecon is an automated reconnaissance framework designed for asset discovery, vulnerability detection, and continuous monitoring.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fgreat-firewall-of-china-data-published-largest-leak%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/UffGmTd2Q9oIuU9p1GmDDhZXpmRPxuRKanvsZm9E_70=422">
<span>
<strong>600 GB of Alleged Great Firewall of China Data Published in Largest Leak Yet (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hacktivists from Enlace Hacktivista leaked nearly 600 GB of data supposedly from China's Great Firewall, exposing source code, communications, and documents from Geedge Networks and MESA Lab, key to the censorship system. The leak reveals that the Great Firewall operates as a commercial platform called "Tiangou," which has been exported to Myanmar, Pakistan, Ethiopia, Kazakhstan, and other Belt and Road countries for surveillance purposes. The 500 GB archive includes source code, project records, and internal documents revealing how China's censorship functions and spreads globally through public-private partnerships.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fgaming%2F2025%2F09%2Fanimal-crossing-mod-uses-ai-to-orchestrate-anti-tom-nook-villager-revolt%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/-ylv3L5ouIJ4-5Ee0K3U8jL2Erp65LDoKhqOdU7OlLk=422">
<span>
<strong>Modder injects AI dialogue into 2002's Animal Crossing using memory hack (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A modder connected AI chatbots to the 2002 game Animal Crossing, enabling villagers to discuss their indebtedness and organize against Tom Nook. Using memory hacking and two Python scripts, the mod injects dynamic, AI-generated dialogue into the game, with a writer creating the dialogue and a director adding technical elements.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmedium.com%2F@yuvasurya1998%2Fwhat-i-learned-from-getting-rejected-by-amazon-a-security-engineers-interview-experience-293e65a2f942%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/QfnWLI3DNM27LksXGCf44futiiumxmMmcwXAAUSAZZ0=422">
<span>
<strong>What I Learned From Getting Rejected By Amazon: A Security Engineer's Interview Experience (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security engineer shares their experience preparing for and interviewing for an AppSec role at Amazon. The author walks through their screening interview and three days of onsite interviews, which included scripting and automation questions, a coding challenge, a threat modeling exercise, and other questions. The article wraps up with lessons learned after a rejection and the resources the author used to prepare.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fqrator-labs-mitigate-l7-ddos-attack-5-76m-botnet%2F%3Futm_source=tldrinfosec/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/fFYBeD-9Ms9QlJB3rf3GA_qUgwtaYE32ri6It6p5wHg=422">
<span>
<strong>Qrator Labs Mitigated Record L7 DDoS Attack from 5.76M-Device Botnet (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Qrator Labs thwarted a record Layer 7 DDoS attack from a botnet of 5.76M compromised IoT devices targeting government infrastructure, a 333% increase since March 2025. The traffic came mainly from Brazil (1.41M), Vietnam (661K), and the US (647K).
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FWg0bsX/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/r3HBYduz1T_xKPhCyfYLWDDieLEbujD_vR6fyDvDHGI=422">
<span>
<strong>Popular AI chatbots leaking data: millions of users could be affected (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers revealed that Vyro AI's server leaked 116GB of data, exposing user prompts and authentication tokens and putting the privacy and accounts of over 150 million users at risk.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/LpgLeyzUaefGBsBGigdomuvqRONPWM7zilcV1U1tXbI=422"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/yStBGrAQLBPZQ7UMLcQXp0SAOfDror-7LPXwtoan5ak=422"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/010001994d7cf737-58d50b09-d8c3-4b66-b073-3e83cae34eda-000000/a9zoAuOeSBwf2wOhhE3NcZ-ZO8aXdz7CHRika9IIaF4=422"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>