<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ox.security%2Fevents%2Fvibeseccon%2F%3Futm_campaign=9574189-TLDR%26utm_source=TLTR%26utm_medium=email%26utm_term=primary/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/FMSfXKPlLAYkjxsBEjPQi5Axv4E2pto1SWixiECAX3E=429"><img src="https://images.tldr.tech/ox.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="OX Security"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-10-28</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ox.security%2Fevents%2Fvibeseccon%2F%3Futm_campaign=9574189-TLDR%26utm_source=TLTR%26utm_medium=email%26utm_term=primary/2/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/XkTujHwJEWX-F4cob1ZUxZzlsb0xHf7iWNVUF7eOjUc=429">
<span>
<strong>Security lost the battle against vibe coding. What comes next? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AI code editors now generate weeks of code in hours. Traditional security crawls behind, creating backlogs that will never close.<p></p><p>But not all is lost...</p><p>Join CISOs and AI leaders from Nvidia, Salesforce, Glean, Augment, and others at <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ox.security%2Fevents%2Fvibeseccon%2F%3Futm_campaign=9574189-TLDR%26utm_source=TLTR%26utm_medium=email%26utm_term=primary/3/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/yr3i_up6Hv-neIMvKd3Fi9D7ZJNRDmkycOWhFPldjSM=429" rel="noopener noreferrer nofollow" target="_blank"><span>VibeSecCon</span></a>. This virtual summit will explore the death of "Shift Left," the 10 critical anti-patterns in AI-generated code, and the future of AI and security.</p>
<p>You'll also get a chance to experience <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ox.security%2Fevents%2Fvibeseccon%2F%3Futm_campaign=9574189-TLDR%26utm_source=TLTR%26utm_medium=email%26utm_term=primary/4/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/TjLzyYzidA5DKXxM069kFjjKAzMHdwN1SB2dio2aLig=429" rel="noopener noreferrer nofollow" target="_blank"><span>VibeSec by OX</span></a> - a new approach to prevent insecure code from ever being created by embedding real-time, organization-specific context directly into AI coding agents, at the moment of code creation.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ox.security%2Fevents%2Fvibeseccon%2F%3Futm_campaign=9574189-TLDR%26utm_source=TLTR%26utm_medium=email%26utm_term=primary/5/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/phg8HM6qEr5gi3iqdzFCCnTu0hAVR9Lpp6bkaeeWc0Y=429" rel="noopener noreferrer nofollow" target="_blank"><span>Register for VibeSecCon (free)</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpentest-tools.com%2Fblog%2Fsessionreaper-cve-2025-54236-exploit%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/IlWc92Rx0hP_WgWVsj3ux5NLc7naE61Ul_887X8MUKg=429">
<span>
<strong>How we built an exploit for SessionReaper, CVE-2025-54236 in Magento 2 & Adobe Commerce (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Pentest-Tools researchers developed a working exploit for CVE-2025-54236 "SessionReaper," an unauthenticated vulnerability in Magento 2's ServiceInputProcessor that allows customer account takeover through session manipulation. The exploit leverages a Magento\Customer\Model\Session\Proxy object's setCustomerId function to inject arbitrary customer IDs into PHP sessions, enabling attackers to impersonate any customer by crafting malicious session cookies. Organizations should patch immediately and monitor for unauthorized attempts to manipulate sessions targeting Magento installations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fdomewatch-leak-capitol-hill-applicants-data%2F%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/5KEpINRJLRFjwFReWmT6-yz7ZTh2WpeEwdZ6AjRr2QM=429">
<span>
<strong>DomeWatch Leak Exposed Personal Data of Capitol Hill Applicants (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security researcher reported to the research firm Safety Detectives an unencrypted and non-password-protected database containing PII of over 7,000 applicants. The data includes names, phone numbers, email addresses, and security clearance status or level. 469 records listed individuals with "top secret" federal security clearance, which could expose those individuals to phishing risks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fqnap-warns-its-windows-backup-software-is-also-affected-by-critical-aspnet-flaw%2F%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/IGbrXZ4XspEQ0Bha4JSxUBw2s3s5DzZTmHzlWU_ztN8=429">
<span>
<strong>QNAP Warns of Critical ASP.NET Flaw in its Windows Backup Software (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
QNAP issued a warning to customers to patch a critical ASP.NET Core vulnerability that affects the company's NetBak PC Agent software for backing up data to a QNAP NAS (Network Attached Storage). This vulnerability could allow an authenticated attacker to gain unauthorized access to sensitive data, modify server files, or perform a denial-of-service on the device. QNAP recommends that users either reinstall the NetBak PC Agent or manually update the ASP.NET Core install on their PCs.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FBvz0GG/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/vQzgamQBSYOh7klZu7DlRGdYA3z3I16c2CCL-V0Yl6s=429">
<span>
<strong>The Linux Boot Process: From Power Button to Kernel (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This deep dive explains the Linux boot sequence from CPU reset through various modes, including firmware handoffs, bootloader operations, kernel decompression, and memory setup with paging. It covers mode transitions, interrupt handling, GDT and IDT configuration, and kASLR, which randomizes kernel memory locations to prevent exploits. kASLR can be disabled with nokaslr for debugging.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4079001%2Fscammers-try-to-trick-lastpass-users-into-giving-up-credentials-by-telling-them-theyre-dead-2.html%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/J5Ux0UfXQxZMgsvg-yCoFqD9cI4Yw6zFlmwOvHZrJio=429">
<span>
<strong>Scammers try to trick LastPass users into giving up credentials by telling them they're dead (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CryptoChameleon cybercriminal group targets LastPass users with phishing emails claiming "Legacy Request Opened (URGENT IF YOU ARE NOT DECEASED)" that trick victims into entering master passwords on fake sites by exploiting legacy access scenarios when family members request deceased users' accounts. The campaign uses domain spoofing, fabricated support case details, and phone calls to direct victims to attacker-controlled URLs designed to harvest credentials for cryptocurrency theft. Organizations should implement phishing-resistant MFA for password managers, educate employees about this specific "Legacy Request" subject line, and establish policies requiring additional authentication factors beyond master passwords for account access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbaldur.dk%2Fblog%2Fvibecoding-and-the-illusion-of-security.html%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/oigHFZCEftOc0kesnQ67P3BkaOZeB9hcvxlTyd7MAOc=429">
<span>
<strong>Vibecoding and the illusion of security (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AI-powered coding, often called "vibecoding," claims to enable fast and seemingly secure development of features like two-factor authentication (2FA). However, this method often only creates the illusion of security, missing essential protections such as rate limiting and strong account lockout mechanisms. Attackers can easily bypass superficial safeguards, especially if limits depend on factors like IP addresses. Large language models (LLMs) tend to generate code that appears convincing, but without clear guidance, critical security measures are frequently overlooked or implemented incorrectly.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frippling.registration.goldcast.io%2Fwebinar%2F238377a3-ffe5-48c3-89f3-bf189d41a798%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=10%252F29%2BIAM%2Bdeminar%26utm_content=webinar/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/B1TWzA0LaF1Ou6JYhQzqtHjMd0fnkBnj_K-eAmGNWVo=429">
<span>
<strong>Does your IAM system break every time someone changes roles? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Traditional IAM tools depend on static data and fall apart if an employee switches departments or devices. <a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frippling.registration.goldcast.io%2Fwebinar%2F238377a3-ffe5-48c3-89f3-bf189d41a798%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=10%252F29%2BIAM%2Bdeminar%26utm_content=webinar/2/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/GTrn4yxkHrmqI5a5Yaa6Zcg_pX8HvuaNdJi5YUmcbg4=429" rel="noopener noreferrer nofollow" target="_blank"><span>Rippling's new IAM</span></a> grounds identity in real-time employee data instead - enabling automatic updates without manual provisioning or custom scripts. See how it works in <a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frippling.registration.goldcast.io%2Fwebinar%2F238377a3-ffe5-48c3-89f3-bf189d41a798%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=10%252F29%2BIAM%2Bdeminar%26utm_content=webinar/3/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/msLyB6TY574Yo4LAnDv6FN-nUHT02LDNe8ZeAiucihY=429" rel="noopener noreferrer nofollow" target="_blank"><span>tomorrow's webinar</span></a>. Stay until the end for a chance to win a $500 gift card!
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FEmergingThreats%2Fpdf_object_hashing%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/r7dXNvMd5xR8xtYFqrjL5oERWtgL1IyN1mb69wyM22Q=429">
<span>
<strong>pdf_object_hashing (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
PDF Object Hash is a method for identifying similarities between PDFs based on their structure rather than content, akin to imphash or ja3 hashes. It involves extracting object types and hashing them to cluster similar documents and detect overlaps. Recent updates to the parsing scripts improve accuracy, especially for irregular or corrupted PDFs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fsmicallef%2Fspiderfoot%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/eGa-75x8wAB_zWYt055E7betuxk_Q7oF8i5RSdoCXQ8=429">
<span>
<strong>SpiderFoot (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SpiderFoot is an open source intelligence (OSINT) automation tool. It integrates with just about every data source available and utilises a range of methods for data analysis, making that data easy to navigate.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.irregular.com%2F%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/aEwPv94zSgj6eLFmbbe3r-eWx5wM9nPlXPz_HCC-1Tw=429">
<span>
<strong>Irregular (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Irregular builds AI security labs to test the cybersecurity of advanced models like ChatGPT and Claude. It develops tools, testing methods, and scoring frameworks, collaborating with top AI companies to ensure the secure and responsible deployment of AI.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurelist.com%2Fforumtroll-apt-hacking-team-dante-spyware%2F117851%2F%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/Ghh6K1qou9x1KSkajdGaUi0zWOl2RYFoRZ2aSH5rMSQ=429">
<span>
<strong>Mem3nt0 mori - The Hacking Team is back! (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Kaspersky uncovered Operation ForumTroll, a sophisticated espionage campaign using personalized phishing emails that exploit CVE-2025-2783, a Chrome sandbox escape vulnerability affecting Windows Inter-Process Communication (IPC) pseudo handles. The operation deployed "Dante" spyware by Memento Labs, targeting Russian entities through zero-day exploits and evasion techniques such as WebGPU validation and COM hijacking. Security teams should monitor for Base64 folders in %LocalAppData%, enhance email filtering for personalized phishing, and update Chrome to version 134.0.6998.177/178 or later to mitigate the sandbox vulnerability.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.narimangharib.com%2Fposts%2F2025%252F10%252F1761116665973%3Flang=en%26utm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/3N-cXmzpX5UjNqszlgl2BtjQpl-nwmY9A_lj3Auyiws=429">
<span>
<strong>Full Student Database of MOIS-Affiliated Ravin Academy Leaked (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A comprehensive student database from Ravin Academy, a US Treasury-designated MOIS front organization used to recruit cyber operatives, has been leaked just days before its annual Tech Olympics event in Tehran. The exposed records contain complete personal information of trainees enrolled in what appears to be legitimate cybersecurity education, but serves as a talent pipeline for Iranian state-sponsored cyber operations against foreign governments and domestic dissidents. Organizations should monitor for individuals with Ravin Academy connections and note that the operational security failure demonstrates vulnerabilities in Iranian intelligence recruitment infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F10%2F27%2Flinkedin_ai_profile_scraping%2F%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/pRhD74BuSTP3O8ZTlsG1zZtk0rhwI7ObY_dfFn4R_tc=429">
<span>
<strong>You have one week to opt out or become fodder for LinkedIn AI training (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
LinkedIn will soon collect public profile data from users in the EU, UK, Canada, Switzerland, the EEA, and Hong Kong to train AI models and share it with Microsoft affiliates for ad targeting. Users in these regions have until October 27 to opt out, or their details, including posts and activity but not private messages, will be included.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q4_25%26utm_content=storage_control%26utm_term=newsletter/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/21scMFbc_uCnoeyVDOakLPQpW63dyO7GGSqgGWFANX0=429">
<span>
<strong>USB drives are still a problem - but they're not your only data exfiltration risk (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
While most organizations focus on blocking USB devices, attackers and insiders can just as easily steal data through network shares, cloud storage, or even local folder access. You need visibility and control over ALL storage access points.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q4_25%26utm_content=storage_control%26utm_term=newsletter/2/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/N1A77YMCUQpwYMHOQ7bNqDibuxRvVczPOXFyT1rf7Co=429" rel="noopener noreferrer nofollow" target="_blank"><span>ThreatLocker Storage Control</span></a> provides <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q4_25%26utm_content=storage_control%26utm_term=newsletter/3/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/_H1-RB5Bi_Kl65wxCDqLNx24yGez6R5isgO9Jg8Amhk=429" rel="noopener noreferrer nofollow" target="_blank"><span>granular policies across every storage type</span></a> - from USB drives to network shares to local folders. Set policies as simple as "block all USBs" or as detailed as "only allow backup apps to access the backup share."</p>
<p>Unified audit logs every file access with device serial numbers</p>
<p>60-second approval workflow for storage access requests</p>
<p>Granular policies by user, time, application, and device type</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.threatlocker.com%2Fplatform%2Fstorage-control%3Futm_source=tldr%26utm_medium=sponsor%26utm_campaign=storage_control_q4_25%26utm_content=storage_control%26utm_term=newsletter/4/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/967X8wamnP3t4h2dWiZvfXQ4MBfKS3QgdjsQpCWExkQ=429" rel="noopener noreferrer nofollow" target="_blank"><span><strong>See Storage Control in action</strong></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4078952%2Fcritical-microsoft-wsus-flaw-exploited-in-wild-after-insufficient-patch.html%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/BLMVeH5jdt4APhKURDquICugYvlE7V51gBhOTisrNJM=429">
<span>
<strong>Critical Microsoft WSUS flaw exploited in wild after insufficient patch (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft issued urgent out-of-band patches to fully address CVE-2025-59287, a critical vulnerability in WSUS that allows remote code execution with SYSTEM privileges. The initial patch on October 14 proved inadequate, and active exploitation followed the release of a proof-of-concept.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FaGyhT8/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/o16wr5q172TFzA0tHubc3JydQU6dpoUJqy37tcU3yVw=429">
<span>
<strong>GlobalCVE (WebApp)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A unified, open-source hub for global vulnerability intelligence.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flearn.microsoft.com%2Fen-us%2Fintune%2Fintune-service%2Fprotect%2Fzero-trust-configure-security%3Futm_source=tldrinfosec/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/1hHl_xcDpxt1qxL51g00NU5_qZdx0f4SLHaIHNPQ2Vo=429">
<span>
<strong>Configure Microsoft Intune for Increased Security (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A collection of settings for Microsoft Intune for securing tenants, devices, and data.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/-8S7u_lnlSODaMr-WRT5dMSoG7Wm-XR4eAzqfiX5MPU=429"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/SJGLIsK7sjHvXVpO_laWSDtGA3yBFV4asQQeAh8FJco=429"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a2aed29ae-741a62ce-e0b5-4956-a570-72e1f3f5b64a-000000/i20tjTmU4AG1kkeMc5ca99tyfX3wuqiNuFIC5JpJVXw=429"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>