<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fpages%2Fapplication-control-allowlisting%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=allowlisting_q4_25%26utm_content=allowlisting%26utm_term=newsletter/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/sAA_srIq5jdSwBZj2M6vK1pkIw8t8ghqBRsdu3GJjeU=426"><img src="https://images.tldr.tech/threatlocker2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Threatlocker"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-10-07</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fpages%2Fapplication-control-allowlisting%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=allowlisting_q4_25%26utm_content=allowlisting%26utm_term=newsletter/2/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/SRx4IiHa8wt4lcjjxIY0O9Dvp3O0KQ6KJGaKD2uKIt8=426">
<span>
<strong>A refreshingly simple approach to Application Allowlisting (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Hackers love when companies abandon Application Allowlisting. It's “too complicated,” “too hard to implement,” “our apps will break.”<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fpages%2Fapplication-control-allowlisting%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=allowlisting_q4_25%26utm_content=allowlisting%26utm_term=newsletter/3/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/hxY8b1oHuPev8psd-YtZlqQ1XsddDO3f4o3wozzxwF8=426" rel="noopener noreferrer nofollow" target="_blank"><span>ThreatLocker®</span></a> kills the excuses with two simple ingredients:</p>
<p><strong>🧠 Learning Mode</strong> auto-builds allowlists so you can lock down endpoints without breaking workflows. When something new gets blocked, users request access, and admins can <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fpages%2Fapplication-control-allowlisting%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=allowlisting_q4_25%26utm_content=allowlisting%26utm_term=newsletter/4/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/iwB9NlWCFf8TdttGb1QXAPVRzXSE6xYHPKDf8-b76EY=426" rel="noopener noreferrer nofollow" target="_blank"><span>approve in seconds, not hours</span></a>.</p>
<p><strong>🛣️ Ringfencing™</strong> forces apps to stay in their lane. Word can't spawn scripts. Browsers can't reach network shares. Attackers can't hijack the tools you already trust.</p>
<p> Instead of false starts and abandoned Zero Trust projects, you get a solution CISOs can live with, and auditors love.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fpages%2Fapplication-control-allowlisting%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=allowlisting_q4_25%26utm_content=allowlisting%26utm_term=newsletter/5/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/Me4rpM6ZrSoF18dqbjDVnAkBTYRkj1HNzt1u8LvxJ7A=426" rel="noopener noreferrer nofollow" target="_blank"><span><em>Choose Zero-Trust with ThreatLocker</em></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.oracle.com%2Fsecurity-alerts%2Falert-cve-2025-61882.html%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/OXkekY2Q_T_XidT2MO3mr3i1-PhSNTcWADjOoHiV_rk=426">
<span>
<strong>Oracle Security Alert Advisory - CVE-2025-61882 (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Oracle issued an emergency security alert for CVE-2025-61882, a critical remote code execution vulnerability in Oracle E-Business Suite that can be exploited over the network without authentication credentials. The vulnerability is already being actively exploited by threat actors. Oracle has discovered specific indicators of compromise, including IP addresses, command-line payloads, and file hashes associated with exploitation attempts. The IOCs reference exploit tools with naming conventions suggesting involvement by groups such as Scattered Spider, Lapsus$, and CL0P, indicating that this vulnerability is being weaponized by ransomware and extortion groups for immediate attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.pcgamer.com%2Fhardware%2Funity-has-found-a-security-vulnerability-that-has-sat-dormant-for-almost-a-decade-take-immediate-action-to-protect-your-games-and-apps%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/ZMNlMEqqAD-DjwYRbGFQbcyUysYeLLgHcGIM1vgfzAc=426">
<span>
<strong>Unity Has Found a Security Vulnerability That Has Sat Dormant for Almost a Decade: 'Take Immediate Action To Protect Your Games & Apps' (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Unity warns developers about a vulnerability present since version 2017.1 that exposes users to unsafe file loading and local file inclusion attacks, with the impact varying by OS. Developers need to either recompile and redistribute their apps to fix this issue or use a patching tool that applies updates without recompilation. However, this tool does not support Linux builds or applications with tamper-proofing or anti-cheat features enabled.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftherecord.media%2Fohio-ransomware-attack-impacts-45000%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/IYdjZXZ6lOHLPj5-jcQ0GHm7CeciLu7wcUAiuWlukZ0=426">
<span>
<strong>Ransomware Attack on Ohio County Impacts Over 45K Residents, Employees (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Ransomware attackers stole data in a cyberattack on Union County in Ohio, impacting 45k of the county's 71k residents. The stolen data includes Social Security numbers, driver's license numbers, financial account information, fingerprint data, medical information, and passport numbers.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.kaspersky.com%2Fblog%2Fphoenix-rowhammer-attack%2F54528%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/2Yq455NeuyjTUPCILMZNQ9rH_AlfLXYATTnqLIQ9BRo=426">
<span>
<strong>Phoenix: Rowhammer that works on DDR5 (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Phoenix is a Rowhammer attack that bypasses DDR5 protections by reverse-engineering Target Row Refresh (TRR) and exploiting timing windows where defenses weaken. The attack uses dummy memory accesses to trick TRR before executing targeted strikes that can read/write arbitrary memory, steal RSA keys, or escalate Linux privileges within 5 seconds to 7 minutes. It demonstrates that DDR5's protections can still be evaded by sophisticated timing attacks that manipulate memory through carefully crafted access patterns.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.elastic.co%2Fsecurity-labs%2Fmcp-tools-attack-defense-recommendations%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/lGwuy6SUs3KQiPfCBkXWB2szOInEN4mvwYJv8Tch3E4=426">
<span>
<strong>MCP Tools: Attack Vectors and Defense Recommendations for Autonomous Agents (26 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Elastic Security Labs provides a comprehensive overview of different attacks and defenses for MCP tools. Elastic provides a prompt for an LLM to detect malicious functions in an MCP server, covering security risks ranging from traditional vulnerabilities to tool poisoning, orchestration injection, rug-pull redefinitions, name collisions, and passive influence. Elastic recommends that users utilize sandboxed environments for MCP, adhere to the principle of least privilege, restrict MCP servers to only trusted sources, require human approval for sensitive operations, and monitor all prompts and code.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Fblog%2Fimds-anomaly-hunting-zero-day%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/d3rKdc27OzPStT71562uqjS8jSFHUbLEbpslXP89YdQ=426">
<span>
<strong>IMDS Abused: Hunting Rare Behaviors to Uncover Exploits (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Wiz Research developed a data-driven threat hunting methodology to detect anomalous Instance Metadata Service (IMDS) usage by identifying processes that rarely access IMDS but suddenly query sensitive endpoints, such as IAM credentials, leading to the discovery of active exploitation of two zero-day SSRF vulnerabilities. The team uncovered CVE-2025-51591 in Pandoc (HTML-to-PDF conversion via malicious iframe tags) and a ClickHouse SSRF vulnerability where attackers abused SQL "SELECT * FROM url" functions to access cloud metadata services across AWS and GCP environments. This approach demonstrates how behavioral anomaly detection can reveal novel attack vectors targeting cloud infrastructure, emphasizing the importance of enforcing IMDSv2 and implementing least-privilege access controls to mitigate credential theft and lateral movement risks.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcontent.dropzone.ai%2Fhubfs%2FDropzone_Whitepaper_Proactive_to_Reactive_V3.pdf%3Futm_campaign=24720149-%255BDigital%2520Sponsorship%255D%2520TLDR%2520InfoSec%2520Secondary%252010-07-25%26utm_source=sponssorship%26utm_medium=newsletter%26utm_content=From%2520Reactive%2520to%2520Proactive%2520white%2520paper/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/09BcI9bBi0NRweLFGmT5M9SCzGsw2fmCxXG7wG_f2LA=426">
<span>
<strong>The Future of AI in SOC: a whitepaper by Steve Zalewski, Former CISO @ Levi Strauss (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Your human analysts will never outpace AI-powered attacks - you're going to have to fight fire with fire. This <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcontent.dropzone.ai%2Fhubfs%2FDropzone_Whitepaper_Proactive_to_Reactive_V3.pdf%3Futm_campaign=24720149-%255BDigital%2520Sponsorship%255D%2520TLDR%2520InfoSec%2520Secondary%252010-07-25%26utm_source=sponssorship%26utm_medium=newsletter%26utm_content=From%2520Reactive%2520to%2520Proactive%2520white%2520paper/2/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/llU5HJLG1f82kipiCPXMzby8Qc0OAiKJUHaeMC-npxs=426" rel="noopener noreferrer nofollow" target="_blank"><span>white paper</span></a> explains the stages of AI maturity, how they relate to the SOC, and how to approach the human-in-the-loop question. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcontent.dropzone.ai%2Fhubfs%2FDropzone_Whitepaper_Proactive_to_Reactive_V3.pdf%3Futm_campaign=24720149-%255BDigital%2520Sponsorship%255D%2520TLDR%2520InfoSec%2520Secondary%252010-07-25%26utm_source=sponssorship%26utm_medium=newsletter%26utm_content=From%2520Reactive%2520to%2520Proactive%2520white%2520paper/3/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/Nl9bg9K9WIZAcJawaC_1yPkF7FUGZeSsMh4m5Ofor7A=426" rel="noopener noreferrer nofollow" target="_blank"><span>Get the whitepaper from Dropzone AI</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fcaddyserver%2Fcaddy%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/AIXtaRZBYpHrvxLKQpMkTdx6BBEwKY3abEbm4RKg8ms=426">
<span>
<strong>Caddy (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FVirtueSecurity%2FIAMhounddog%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/drE8w_NDXvV_0_Or546M3rdAnhOhreQfPcxiKdNC0Kc=426">
<span>
<strong>IAMHounddog (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
IAMhounddog is a tool that helps pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Friptideslabs%2Ftokenex%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/T4c2B4SPnaMu5foved-JHWIwW5qeDAjBYFokagOf1-I=426">
<span>
<strong>Tokenex (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Tokenex is a library that provides a unified interface for obtaining and refreshing credentials from various cloud providers and authentication systems. Tokenex supports AWS, GCP, Azure, OCI, Generic, K8sSecret, OAuth2AC, and OAuth2CC.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Ftotolink-x6000r-vulnerabilities%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/AXeaHzoWQdeYiog1MF7Ua9AOqyPvvcXPcHErEyZ64_U=426">
<span>
<strong>TOTOLINK X6000R: Three New Vulnerabilities Uncovered (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
There are three critical vulnerabilities in TOTOLINK X6000R routers (CVE-2025-52905, CVE-2025-52906, and CVE-2025-52907) that allow unauthenticated attackers to execute arbitrary commands and bypass security controls via the router's web interface. The vulnerabilities stem from inadequate input sanitization in the cstecgi.cgi endpoint, where the blocklist fails to filter hyphen characters, enabling argument injection, command injection, and arbitrary file manipulation attacks. TOTOLINK has released patched firmware (V9.4.0cu.1498_B20250826). Users are strongly advised to update immediately as these flaws could allow attackers to gain root access, intercept traffic, and pivot to other network devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsignal.org%2Fblog%2Fpdfs%2Fgermany-chat-control.pdf%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/TFsz16XiFkaITGDUdb2LFogzUNPMCbTV42oeYNHoePw=426">
<span>
<strong>Signal Statement on Germany (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The latest German Chat Control proposals would require scanning of every message, photo, and video on a person's device. Signal has announced that it will discontinue services in Germany, and possibly across Europe, if these controls are passed, arguing that regardless of whether messages are scanned before or after encryption, the controls negate the premises of end-to-end encryption.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F10%2F06%2Fscattered_lapsus_bitcoin_reward%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/yc-1xYhGbeUhyea8nCSTpbGnMnEw31EqJ5xiXjd8gvE=426">
<span>
<strong>Scattered Lapsus$ Hunters offering $10 in Bitcoin to 'endlessly harass' execs (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The cybercrime group Scattered Lapsus$ Hunters is paying individuals $10 in Bitcoin to pressure executives of alleged breach victims via email, aiming to coerce them into making ransom payouts. The group, linked to attacks via a Salesforce integration, published targets' details and set a payment deadline. Salesforce and Google have stated that the attacks aren't linked to a compromise of Salesforce itself, and law enforcement is investigating the gang.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.strongdm.com%2Fevents%2Froadshow%2Fnyc%2Finvitation%3Ftrk=strongdm-newsletter-social-event%26utm_source=strongdm%26utm_medium=newsletter%26utm_campaign=2026-q3-sdm-roadshow-nyc%26utm_content=event/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/eWvMN9qvyzmBBRTbuG_9lse_tdwsuVjlDU94QxamCbM=426">
<span>
<strong>Step into the future of privileged access and authorization at StrongDM Live! NYC (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Join Stephen Washington Jr., Rinki Sethi, StrongDM, and <strong>PAM Pioneer Philip Lieberman</strong> on <strong>October 23</strong> in Midtown Manhattan to explore how runtime authorization and the <strong>Identity Firewall</strong> are transforming access security, delivering productivity and control beyond legacy PAM. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.strongdm.com%2Fevents%2Froadshow%2Fnyc%2Finvitation%3Ftrk=strongdm-newsletter-social-event%26utm_source=strongdm%26utm_medium=newsletter%26utm_campaign=2026-q3-sdm-roadshow-nyc%26utm_content=event/2/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/L9Zti3mNfOAWx_bPfXktjCSdtDLBUoN_Ca_NwpsaCGg=426" rel="noopener noreferrer nofollow" target="_blank"><span>Register</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthreadreaderapp.com%2Fthread%2F1973096031899291659.html%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/ewz7bngjraQIdmvE4-_v_lo8UwGqbg2AH_9FIMg3UyE=426">
<span>
<strong>Rachel Tobac: Warn Your Family About Sora2 (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security professionals should educate their families about Sora 2 and the importance of online skepticism.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.zeroday.cloud%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/pqKBoWG6tJ70IvX3OQLDwRYKf9VBwmrzhS5XVCtQYoM=426">
<span>
<strong>ZERODAY.CLOUD (Website)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Wiz has announced a new hacking competition with a total reward pool of $4.5 million where participants can earn up to $300,000 per exploit for demonstrating vulnerabilities against widely used cloud software.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fred-hat-data-breach-escalates-as-shinyhunters-joins-extortion%2F%3Futm_source=tldrinfosec/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/q_wPiXqpTmFEtEazP65D4XFGn1z_09cxDFoLM1jrZUQ=426">
<span>
<strong>Red Hat data breach escalates as ShinyHunters joins extortion (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Red Hat's data breach worsened as Crimson Collective and ShinyHunters launched a leak site, threatening to release 570GB of stolen data, including reports from Walmart, HSBC, and the Department of Defense, unless the ransom is paid by October 10.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/lUS462vayWjGb9PKPxe9Y5mxgluj_o--wjoQ7OKANVY=426"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/N5BnrjRb0dwNiIiNiMq0wYV173Xold70Bl37o4r1_Kw=426"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/01000199bec7b3a7-3f1619f9-6f06-4297-a5c9-a6e5933433a7-000000/ZIlkJiL1tzdnG4yl7F4pixg2NgvCQNPX40kma5-gNXc=426"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>