<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Fit-security-teams%3Futm_source=tldr%26utm_medium=email%26utm_campaign=Cy25-09-camp-platform-global-prospect-iis-x-tldr_newsletter_1003/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/mNUJV2YKY8R_IsAMAmKiZK3zR8GSNKFgYoXMyvSuGe4=425"><img src="https://images.tldr.tech/huntress.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Huntress"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-10-03</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Fit-security-teams%3Futm_source=tldr%26utm_medium=email%26utm_campaign=Cy25-09-camp-platform-global-prospect-iis-x-tldr_newsletter_1003/2/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/mGQYKSZlRWuPtwhKqfNMme6gej7VcyuBldKBuOH1jZs=425">
<span>
<strong>Security tech that wrecks hackers - not budgets (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Your IT team has enough to worry about. Cybersecurity doesn't have to be one of them.<p></p><p>Huntress brings <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Fit-security-teams%3Futm_source=tldr%26utm_medium=email%26utm_campaign=Cy25-09-camp-platform-global-prospect-iis-x-tldr_newsletter_1003/3/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/jUxhFm_O9au-xhRHmPQguMe3GA7gTR7kzWAQzmXx5MY=425" rel="noopener noreferrer nofollow" target="_blank"><span>enterprise-grade security to ALL businesses</span></a>, not just the 1% with big teams and budgets.</p>
<p>❤️ Thousands of teams, from fast-growing startups to global enterprises, love Huntress and trust their world-renowned team to protect them from modern threats.</p>
<p>Huntress researches and spots hacker tradecraft, tools, and vulnerabilities <strong>first</strong>, breaking the news and sharing knowledge to keep the community safe.</p>
<p>Experience Huntress for yourself…</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Flp%2Fit-security-teams%3Futm_source=tldr%26utm_medium=email%26utm_campaign=Cy25-09-camp-platform-global-prospect-iis-x-tldr_newsletter_1003/4/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/w-l6JKcE1DZbLy0VvTbeTJ6oNJgo7hKFCw94MPBcgQM=425" rel="noopener noreferrer nofollow" target="_blank"><span>See why Huntress is consistently rated 5 stars on G2</span></a></p>
<p>FREE Security Awareness Training?! Yep: <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fcybersecurity-education%2Fcybersecurity-awareness%2Fsat-cyber-safety-made-simple%3Futm_source=tldr%26utm_medium=email%26utm_campaign=Cy25-09-camp-platform-global-prospect-iis-x-tldr_newsletter_1003/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/EoS2YcalfnYJ3-Wv4yp-SH8Vmr0lrAl3L0RsviC2sm4=425" rel="noopener noreferrer nofollow" target="_blank"><span>get the gift of SAT</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F10%2F02%2Fcybercrims_claim_raid_on_28000%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/eKqnfwXNO4eOx26I7p2XamBJPA5aLFFK8LGQ7BKns50=425">
<span>
<strong>Cybercrims claim raid on 28,000 Red Hat repos, say they have sensitive customer files (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hackers from the Crimson Collective claim to have breached Red Hat's private GitHub repositories, stealing 570GB of data, including customer documents, security tokens, and certain details about major organizations' IT environments. Red Hat hasn't confirmed the breach or responded to extortion demands yet, but sample files are circulating already.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2F766000-impacted-by-data-breach-at-dealership-software-provider-motility%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/KFqR7S0F6CNuBUPt6R94MODzyC_ahF98g42dmEMySGw=425">
<span>
<strong>766,000 Impacted by Data Breach at Dealership Software Provider Motility (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Motility Software Solutions suffered a ransomware attack that impacted over 766,000 individuals and exposed sensitive data, including Social Security and driver's license numbers. The company detected the breach in August and notified authorities, offering one year of identity protection to victims. Attackers claimed to have stolen 4.3 terabytes of information, but there's no evidence of misuse so far.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsan.com%2Fcc%2Fcompany-that-sells-spyware-for-monitoring-sex-offenders-hacked%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/f6XTzMRh_lDmIDdHKxuMWJgUU0E0Edm1Y3mkWGX1Kn8=425">
<span>
<strong>Company That Sells Spyware for Monitoring Sex Offenders Hacked (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
RemoteCOM, a company that sells monitoring software for individuals on parole and probation, was hacked. The attacker stole personal data from ~7,000 parole officers and ~14,000 individuals whom the software had monitored. The hacker indicated that the software was one of the easiest they had hacked.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fme.costaskou.com%2Farticles%2Facmfs%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/4IqvWjzPM8PC2JyGGfbuzeG9WLcZw7QOYaMsAOphLVQ=425">
<span>
<strong>Using AWS Certificate Manager as a Covert Exfiltration Mechanism (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AWS Certificate Manager (ACM) does not offer VPC endpoints, so any cloud resources that want to utilize it must have access to the service. An attacker can also connect an instance to ACM in the attacker's account and use the nsComments field to exfiltrate free-form data. The post concludes with an exploration of other AWS services that can be used in this way, such as SAML provider metadata and Lambda functions.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.ryanjarv.sh%2F2025%2F07%2F21%2Fsaas-provider-takeover.html%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/bwlNYog5ad5nHJrqoCmhtXDbizZE9PQFe84w1ipZ0bw=425">
<span>
<strong>AWS CDK and SaaS Provider Takeover (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AWS CDK requires users to bootstrap each environment, either manually or via the 'cdk bootstrap' command, which creates the necessary roles. These roles are configured by default to trust the current account's root principal. This can lead to a vulnerability when a SaaS provider requests an ARN from the user, which it provides to its proxy role to load data from the user's account. If the user provides the SaaS provider with an ARN from their own account, it will be implicitly trusted, exposing the SaaS provider's environment to the user.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4066707%2Fthat-innocent-pdf-is-now-a-trojan-horse-for-gmail-attacks.html%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/LDD11ggv17SPQ3RVPM1YwogpzknLRupla04Przvag2g=425">
<span>
<strong>That innocent PDF is now a Trojan Horse for Gmail attacks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The MatrixPDF toolkit exploits users' trust in PDF files by embedding JavaScript and fake prompts to bypass Gmail's security filters and automatically fetch malicious payloads from external sites. The attack works through two methods: exploiting Gmail's preview function with blurred content prompting users to "Open Secure Document," or using PDF-embedded JavaScript that automatically connects to payload URLs when opened in desktop readers. Security professionals should implement robust attachment sandboxing, restrict personal email access on corporate devices, deploy endpoint detection for suspicious file behavior, and enhance security awareness training that emphasizes zero trust for all file types, including PDFs.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhelp.securecodewarrior.com%2Fhc%2Fen-us%2Farticles%2F13216887574799-Cybermon-2025-The-Age-of-AI%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/metkJvXMvqNYahRgnQUK9sZZA7uUUm63a1Rw3Wp5mSY=425">
<span>
<strong>Think Your Team Can Secure AI-Era Code? Prove It at Cybermon 2025 (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Starting Oct 6, Cybermon 2025 is a 4-week secure coding challenge where dev teams battle AI-era vulnerabilities through hands-on challenges. Boost your security program's engagement by defeating a Cybermon, earn badges, and win prizes. Join the main event or <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securecodewarrior.com%2Fproducts%2Ftournaments%3Futm_source=tldr%26utm_medium=email%26utm_campaign=2025-10-tldr-global-en-dg/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/nL5e64LfEEHHM_gTsiBjyu9sDvNWzFjbfuJdV9WkfVU=425" rel="noopener noreferrer nofollow" target="_blank"><span>host a company tournament</span></a>! To get started, <a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securecodewarrior.com%2Fcompany%2Fcontact%3Futm_source=tldr%26utm_medium=email%26utm_campaign=2025-10-tldr-global-en-dg/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/zg4iqKbUbLYJj8m1m-sG13Of6r0N_xgVJP2YYLcl6z0=425" rel="noopener noreferrer nofollow" target="_blank"><span>contact Secure Code Warrior</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4065498%2Fdatabricks-enters-the-cybersecurity-arena-with-an-ai-driven-platform.html%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/MzqePx2SBXW7oet_Zi4oAHZ51dQtnJOHNk-cLr-S218=425">
<span>
<strong>Databricks enters the cybersecurity arena with an AI-driven platform (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Databricks launched "Data Intelligence for Cybersecurity," an AI-driven platform that addresses the critical issue of security data sprawl by unifying fragmented telemetry from multiple security tools into a single governed foundation. The platform leverages Databricks' Lakehouse architecture with "Agent Bricks" for building AI-powered threat analysis agents, offering conversational dashboards and natural language queries that early adopters, such as Arctic Wolf and Palo Alto Networks, report have improved detection rates while reducing costs. Security professionals should evaluate this platform as a potential complement to existing SIEM tools, particularly for organizations struggling with data fragmentation across multiple security vendors.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fzania.ai%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/BVeezT7iB8GoO61ekaK8-dwDjzRdiIBRgwy4VTSMrXo=425">
<span>
<strong>Zania (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Zania is an AI-powered GRC platform that uses autonomous, domain-specific AI agents to automate security governance, risk, and compliance tasks. Its agents continuously collect evidence, test controls, assess vendors, evaluate internal risks, and accurately answer vendor questionnaires, delivering end-to-end compliance management.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fswisskyrepo%2FPayloadsAllTheThings%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/SXFQwT_R0QE5_l-JhJLsUZTTmwkIkKxJi0Ee-HsKJrY=425">
<span>
<strong>PayloadsAllTheThings (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2025%2F10%2Fthat-annoying-sms-phish-you-just-got-may-have-come-from-a-box-like-this%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/ACXCkx6M1pTAsSaxlocgi31wcaUYpbaWqtnNdcwRVWE=425">
<span>
<strong>That annoying SMS phish you just got may have come from a box like this (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Criminals have been utilizing vulnerable industrial cellular routers to mass-send SMS phishing attacks ("smishing") since 2023. Security researchers found over 18,000 of these devices, easily accessible due to outdated firmware. These routers, mainly used for industrial purposes, help spread phishing links across countries by exploiting weak security or misconfigurations, making detection and shutdown difficult.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fextortion-email-clop-oracle-customers%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/vc4GzssR1pi1nwcyBUABmT8377F_JRWEP898jUD0oTk=425">
<span>
<strong>Here is the email Clop attackers sent to Oracle customers (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Clop ransomware group sent extortion emails to Oracle E-Business Suite customers claiming to have breached their systems and stolen data, framing the attack as a business transaction while threatening to publish stolen information if ransom demands aren't met. Oracle confirmed awareness of the extortion emails and identified potential exploitation of vulnerabilities addressed in their July 2025 critical patch update, though researchers have not yet verified if actual breaches occurred. Organizations should immediately apply Oracle's July 2025 security patches, verify their patch status, monitor for signs of compromise, and establish incident response procedures while being cautious of emails sent from hundreds of compromised third-party accounts used to bypass spam filters.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2F20-yolink-iot-gateway-vulnerabilities-home-security%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/1qzZJMe3W-nzUvqMaQtrwqjtaLVlH5VipHhNqMOTIV0=425">
<span>
<strong>$20 YoLink IoT Gateway Vulnerabilities Put Home Security at Risk (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Bishop Fox researchers discovered four critical zero-day vulnerabilities in the $20 YoLink Smart Hub v0382 that allow remote attackers to bypass authentication, intercept unencrypted credentials and Wi-Fi passwords via MQTT, and remotely control other users' devices, including smart locks, through predictable device IDs. The vulnerabilities (CVE-2025-59449, CVE-2025-59448, CVE-2025-59451, and CVE-2025-59452) affect the ESP32-based hub, which serves as a central gateway for home security devices, potentially enabling physical access to users' homes, as no patches are currently available from the manufacturer, YoSmart. Security professionals should immediately disconnect affected hubs from critical networks, avoid using them for physical access control, implement network segmentation to isolate IoT devices, and consider replacing them with vendors that provide regular security updates until patches become available.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsoftware%2Fbrave-browser-surpasses-the-100-million-active-monthly-users-mark%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/pitKIHOum4AYfCBtdSykpGxSCobSP8C2uqanV0XR5vw=425">
<span>
<strong>Brave browser surpasses the 100 million active monthly users mark (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Brave browser reached 101 million monthly active users in September.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackerone-paid-81-million-in-bug-bounties-over-the-past-year%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/t3AuNujyAycLoX_oYvngm7B7HHcjU6YIhrDipyTyVl0=425">
<span>
<strong>HackerOne paid $81 million in bug bounties over the past year (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
HackerOne distributed $81 million in bug bounty rewards over the past 12 months, marking a 13% year-over-year increase.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Frenault-uk-customers-third-party-data-breach%2F%3Futm_source=tldrinfosec/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/BhKJQZV7WseZYOtjwk9CcI2qX7qdNrFyKXtZbdx1uns=425">
<span>
<strong>Renault UK Customer Records Stolen in Third-Party Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Renault UK warned customers of a data breach stemming from a cyberattack on a third party, emphasizing the need for improved supply chain security, regular vendor audits, and customer awareness of phishing risks.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/yvu604Lm_et3Z5XBJHD60qUOT54mHeb5z1utiePc-T0=425"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/uKeFZGinvJe_MxorTL5gfakKy_s5QxFH4aHBrCCsKWo=425"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/01000199aa2f1aa3-d6bdc5cd-9667-4d0c-8c1e-4c2add3e110b-000000/m4CL3-YVOEyqTs6kjp4IJyXI0R8OhJN-V7gKbGZsvSo=425"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>