<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Sensitive personal, corporate, and military data is being transmitted unencrypted via about half of Earthโs geostationary satellites โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ โ </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/151zhVb57ZBTtBmV-lgGpuMo05S4s0tONuqBreEZzh0=427" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/9fS3Hj9eaAq92Y5Q425tpDG0PoRvkqfSB48qj3dT7Wk=427" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=332418d2-a9ae-11f0-a43d-c99ec4616dad%26pt=campaign%26t=1760533577%26s=a1dc6a26f735e42c90148b98e1ad023cc34df0228e5bf14c9c8ab2c585f4a7a1/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/PaX-frG1go_Sjx90U7kPZLWax4P-Gc510tq7Lyfv-Cs=427"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fguide-to-osint-executive-protection%3Futm_campaign=Resource_RP_OSINT_Executive_Protection%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000Lo4xBIAR/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/7Kc1-O7z3pKJN_CFJBpMU4ezqoPiz-9Vw3S_ywxPebg=427"><img src="https://images.tldr.tech/flashpoint.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Flashpoint"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-10-15</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fguide-to-osint-executive-protection%3Futm_campaign=Resource_RP_OSINT_Executive_Protection%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000Lo4xBIAR/2/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/Y9ZjsmQcgu-5m1D_KQeYd6Hjx_vf90hV-sBqL6RqRt8=427">
<span>
<strong>OSINT for Executive Protection: The Flashpoint Guide (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Doxxing. Deepfakes. Targeted harassment. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fguide-to-osint-executive-protection%3Futm_campaign=Resource_RP_OSINT_Executive_Protection%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000Lo4xBIAR/3/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/xw7mZ4tLLHGrQAp0eXMWPLwXxzxPV4K_6YiHxu7GqXQ=427" rel="noopener noreferrer nofollow" target="_blank"><span>Executives are prime targets</span></a> for cyber and physical attacksโare you equipped to protect them?
<p></p>
<p>Threats against high-profile individuals often start onlineโand can escalate into serious security risks. In <a class="c-link" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fguide-to-osint-executive-protection%3Futm_campaign=Resource_RP_OSINT_Executive_Protection%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000Lo4xBIAR/4/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/i0lTBEmy3DoXV2E63_kitKxMe55OOses5CwfEJBqDD4=427" rel="noopener noreferrer" target="_blank"><span>The Complete Guide to OSINT for Executive Protection</span></a>, Flashpoint breaks down how security teams can:</p>
<ul>
<li>Identify and neutralize digital threats before they escalate</li>
<li>Set up real-time alerts and remove sensitive data</li>
<li>Use AI-powered analysis, social intelligence, and geospatial data to track bad actors</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fguide-to-osint-executive-protection%3Futm_campaign=Resource_RP_OSINT_Executive_Protection%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000Lo4xBIAR/5/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/rHiARNXn90gFJceyvFwTuzdFZVeLTYiaTXHelpkNcHA=427" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Download the Guide</strong></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FqvoxH9/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/53WiSRGnfozQQ8q8BOIADDvq20UFUK9K74IvJda3Onw=427">
<span>
<strong>SimonMed Imaging: 1.27M Individuals Affected by January 2025 Cyberattack (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
In early 2025, a cyberattack at SimonMed Imaging exposed the data of over 1.27 million patients, including medical and personal information, with the ransomware group Medusa claiming responsibility. Medusa likely received a ransom to prevent data release. SimonMed responded with improved security measures and offered credit monitoring and identity theft protection to impacted people.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F10%2F14%2Fsatellites-found-exposing-unencrypted-data-including-phone-calls-and-some-military-comms%2F%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/kFpMZViIu_XTFM-2ZXLgJpZiJZgduTovI-MR4OF1m-U=427">
<span>
<strong>Satellites found exposing unencrypted data, including phone calls and some military comms (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Sensitive personal, corporate, and military data is being transmitted unencrypted via about half of Earth's geostationary satellites, according to researchers. Using a basic satellite receiver, they accessed voice calls, texts, and critical infrastructure communications, exposing serious privacy and security risks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.malwarebytes.com%2Fblog%2Fnews%2F2025%2F10%2Fpixel-stealing-pixnapping-attack-targets-android-devices%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/5Gd5Cgu4lYuDxBt3nbni948CRTBWTIULO1S4wJIrv30=427">
<span>
<strong>Pixel-stealing โPixnappingโ attack targets Android devices (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
โPixnappingโ is an advanced attack where a malicious Android app can secretly steal individual pixels from your device's screenโenabling it to extract sensitive data like 2FA codes, even from supposedly secure apps. The attack exploits Android's app messaging system and nearly invisible overlays.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐ง </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2025%2F10%2Fwhy-signals-post-quantum-makeover-is-an-amazing-engineering-achievement%2F%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/SratSGG5ZRg3ymB6N7y-X31Jm-RnT3r9_GXBHj5IYm8=427">
<span>
<strong>Why Signal's post-quantum makeover is an amazing engineering achievement (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Signal Messenger has rolled out a major upgrade to its encryption protocol, making it resistant to future quantum computer attacks. This technical overhaul adds a third layerโa quantum-safe ratchetโto its already-robust system to ensure strong privacy even if classical encryption breaks. Thanks to clever use of chunking methods and erasure codes, Signal's triple ratchet protects users' messaging by combining classic and quantum-safe security mechanisms, all without impacting everyday use.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F10%2Fwhy-unmonitored-javascript-is-your.html%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/P16dBHNXtoaU9uRUp1mHjdfLv6lFR8jAkbPv5cpykS8=427">
<span>
<strong>Why Unmonitored JavaScript Is Your Biggest Holiday Security Risk (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Client-side JavaScript attacks pose a critical blind spot for e-commerce security as 73% of sites load 50+ third-party scripts on checkout pages while only 23% use dedicated client-side monitoring, allowing attackers to steal payment data through browser-based skimmers that bypass WAFs and traditional server-side defenses entirely. Major 2024 attacks, including the Polyfill.io breach affecting over 500,000 websites and Cisco's Magecart incident, demonstrate how compromised third-party scripts and supply chain vulnerabilities enable data theft that often goes undetected for an average of 7.5 months, with incidents costing $2.4 million plus regulatory fines. Security teams should immediately implement Content Security Policy with nonces (avoiding โunsafe-inline'), deploy Subresource Integrity tags for third-party scripts, establish comprehensive script inventories with regular audits, and deploy specialized client-side monitoring tools to detect unauthorized data collection, DOM manipulation, and suspicious script behavior before the 2025 holiday shopping season.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnickg.ca%2F%23%2Fposts%2Ftiming-attacks%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/CxTg6MkegOYoMJ6oLsfioO1BL05zfvGtxf0912ibP9Q=427">
<span>
<strong>How Do Timing Attacks Work? (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Timing attacks that target string comparison work by measuring how long it takes a vulnerable server to verify a string, such as a password or other secret. When a vulnerable function compares two strings, it loops through each character to check for equality, causing the function to take slightly longer to complete with each correct character. The page includes a demo for how this attack works in practice.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐งโ๐ป</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fresources%2Fsemgrep-vs-snyk%3Futm_source=tldr%26utm_medium=paidsocial/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/bbAHxQJcUPh9tU4-1sPpN72M4hUfMB1M925a4HTSyyI=427">
<span>
<strong>Comparing Semgrep vs. AppSec Alternatives (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Independent reviewers confirm that using Semgrep can <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fresources%2Fsemgrep-vs-snyk%3Futm_source=tldr%26utm_medium=paidsocial/2/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/vbU78Y4EuXSiAT-TL-LEoDcv7iaHXI6CWGHFLHMrOUA=427" rel="noopener noreferrer nofollow" target="_blank"><span>cut false positives by over 90%</span></a> compared to popular alternatives:
<p></p>
<ul>
<li>With Semgrep, there's no need to manually filter and prioritize findings because developers only see exploitable, high-priority issues.</li>
<li>Instead of asking devs to trust a black box, Semgrep offers explainable findings with rule-level visibility.</li>
<li>Semgrep then delivers AI-assisted, step-by-step fix guidance to reduce issue resolution time. </li>
</ul>
<p>๐ <strong>The bottom line?</strong> Developers spend <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fresources%2Fsemgrep-vs-snyk%3Futm_source=tldr%26utm_medium=paidsocial/3/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/k24fkWnsEoIqi9HMI5bhwQXVjRskjDJkjeTcBu400Zw=427" rel="noopener noreferrer nofollow" target="_blank"><span>86% less time reviewing findings</span></a> and sifting through alert noise. That's 15+ hours saved every week.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fresources%2Fsemgrep-vs-snyk%3Futm_source=tldr%26utm_medium=paidsocial/4/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/W5IgOR3OtahBJx6Gx6aVHflVKUx3sHvTfntfR1O899U=427" rel="noopener noreferrer nofollow" target="_blank"><span>See the difference and start shipping faster</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fstamparm%2Fmaltrail%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/kqNj5vAGUzCsZ4IRS4HTbhqx2yjQC6LyXUPXX08y0uM=427">
<span>
<strong>Maltrail (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Facquiredsecurity%2Fforensic-timeliner%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/K_03MFHQ-LoD38JJo3gkS5Q-NqQORlTk2uJzoSnW3zs=427">
<span>
<strong>Forensic Timeliner (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Forensic Timeliner is a high-speed forensic processing engine built for DFIR investigations. It can quickly consolidate CSV output from tools to create a mini timeline, with built in filtering, artifact detection, keyword tagging, and deduplication.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FAdversis%2Fmcp-snitch%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/vxUHJaJ4rhK6HFVKBPqP_80_rJjVZG8UxfzUM4UOh3I=427">
<span>
<strong>MCP-Snitch (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, and audit logging for AI tool usage.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">๐</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theverge.com%2Fnews%2F796760%2Fapple-iphones-ios-app-store-age-verification-law-texas-utah-louisiana%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/caaRKhBAwyrairWUWXxeRWw2MobPvribD2rSajFp3qQ=427">
<span>
<strong>Here's How Apple Is Locking Down iPhones to Comply With Texas' Age Verification Law (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Starting next year, Texas will require companies to verify the ages of people who use their app stores. Apple has announced that beginning January 1, Texans trying to create a new Apple Account must confirm their age. If they are under 18, they must join a Family Sharing group. Parents and guardians will be required to give their consent to download apps or make in-app purchases, and developers will be required to implement the Declared Age Range API.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theverge.com%2Fnews%2F799274%2Fdiscord-security-breach-5ca-vendor-blamed-not-hacked%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/uZvBkGAN7TOq9rqtBLP0eGxue-7onrxsEtLjkHuMlS4=427">
<span>
<strong>Discord blamed a vendor for its data breach โ now the vendor says it was โnot hacked' (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Discord reported a breach impacting 70,000 users, claiming a third-party vendor, 5CA, was responsible, but 5CA denies any hacking of its systems or handling of government ID photos. The company argues the incident likely resulted from human error outside its systems, and both parties are conducting ongoing investigations to clarify further responsibility and the extent of affected data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F10%2F14%2Fasahi_breach_update%2F%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/cj1j6E7u3Gm1pG5WZQhyVl_xhyvJ2Y2ZWxVbvj2euF0=427">
<span>
<strong>Asahi breach leaves bitter taste as brewer fears personal data slurped (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Japanese beer maker Asahi suffered a ransomware attack in late September that disrupted operations across Japan and may have resulted in unauthorized access to personal information. The ransomware group Qilin claims to have stolen 27 GB of data, including employee and financial records.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">โก</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.revealdata.com%2Fcase-study%2Fhow-benlabs-avoids-seven-figure-ediscovery-costs-with-onnas-prophylactic-approach%3Futm_campaign=19424793-25Q3%2520BENlabs%2520Case%2520Study%26utm_source=email%26utm_medium=Email%2520ads%26utm_content=tldr/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/B5mm4NTkw_v5zYPg3eNzWyokFghGmPb_tOS3WjABsyE=427">
<span>
<strong>Don't Spend Millions Managing Your Slack (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Avoid seven-figure legal bills before they happen. BENlabs uses Onna as โinsuranceโ to keep Slack data risks predictable and costs under control. Future-proof your legal ops with Onna.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.revealdata.com%2Fcase-study%2Fhow-benlabs-avoids-seven-figure-ediscovery-costs-with-onnas-prophylactic-approach%3Futm_campaign=19424793-25Q3%2520BENlabs%2520Case%2520Study%26utm_source=email%26utm_medium=Email%2520ads%26utm_content=tldr/2/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/u4KrKOmy8Vv7WdSEqDozkPRbLzAihcA0SYt7F3HyOvk=427" rel="noopener noreferrer nofollow" target="_blank"><span>Read the Case Study to Learn How</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmassive-multi-country-botnet-targets-rdp-services-in-the-us%2F%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/KHdjJ7aGyxO37bd6EvF_D7IUC9_aiLCc5ECoHx9ef_k=427">
<span>
<strong>Massive multi-country botnet targets RDP services in the US (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A large-scale botnet comprising over 100,000 IP addresses is conducting coordinated attacks against Remote Desktop Protocol services in the United States.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F183372%2Fsecurity%2Fuk-ncsc-reports-429-cyberattacks-in-a-year-with-nationally-significant-cases-more-than-doubling.html%3Futm_source=tldrinfosec/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/XzHVYUjMJC4ipW15GWwhIqDLzupn08ZdWGXXUHLYp44=427">
<span>
<strong>UK NCSC Reports 429 cyberattacks in a year, with nationally significant cases more than doubling (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The UK's National Cyber Security Centre reported 429 cyberattacks from September 2024 to August 2025, with significant incidents more than doubling from 89 to 204, and highly significant incidents rising nearly 50% to 18, posing severe risks to essential services.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FSFwLFL/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/xw2pHoMaLsciqfgNgrGgiNowubIR7NjaLjkqiJNjzAk=427">
<span>
<strong>Workforce termination orders affect several CISA divisions (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Several divisions of CISA are facing job cuts as part of a government plan to reduce staff during a shutdown, amid criticism from the administration over its work combating misinformation.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/NGoTkppTKi7A8FiZIqFLF8ZuebtUudqOCqsVi2x1WHU=427" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/BO8IqYfA6W6PG5XOty7I333vyz7aPmKfqxVUsEmRGiI=427" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? ๐ฐ
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/txKExiAWDdqnBgcTBU14ETc6K0X1feruJgPoaQN7E1o=427"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? ๐ผ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/gRC14iKTvwXooE0SuPuTkAsR1t07SwXjC8Ol7_UY9ZM=427" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them!
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/fY4ApdhjYYvzQXJ7ks7dS6NI33uEY6mEFy1pmRxVMJk=427"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/SYU-V8Lqvz3RA-2cXmCTLDobQFT5GcpQAbjEVevlRAw=427"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/WN2h-tCPKwrgpNGB2wKhuhWO9u85F-0snynbPX0VBr4=427"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/E9_w2WC9XrStbjN7f0Sneq4K-aY-o-BGDJyU5AIUVcA=427">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=332418d2-a9ae-11f0-a43d-c99ec4616dad%26pt=campaign%26pv=4%26spa=1760533264%26t=1760533577%26s=a1044540338d93f73bd08aecfc4a761a9272fb3f5ea71934a3f06c87c0c79670/1/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/tXbnvQE4on0VfoJT8QMosTbYvNIPJ2gBKnv-3L2uxgs=427">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/01000199e7fa7f05-f1c48577-2f7f-4e08-a515-d0a640e5512d-000000/9b2mZ4btm-MCXVhiKQc_NFtbPbgdy2PHPXcekkiQcI0=427" style="display: none; width: 1px; height: 1px;">
</body></html>