<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-10-31</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F10%2Fnew-teefail-side-channel-attack.html%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/sVPzhckh9DpWzAnsA5lCAlTdZkbRLygihwJkV7ecOIE=429">
<span>
<strong>New TEE.Fail Side-Channel Attack Extracts Secrets from Intel and AMD DDR5 Secure Enclaves (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
TEE.Fail is a side-channel attack against DDR5 memory systems that uses a $1,000 interposition device to physically monitor memory traffic and extract cryptographic keys from Intel TDX/SGX and AMD SEV-SNP trusted execution environments. The attack exploits weaknesses in the deterministic AES-XTS encryption used by both vendors, enabling attackers to record memory operations between CPU and DRAM, extract ECDSA attestation keys, and compromise confidential virtual machines by faking attestation processes. Both Intel and AMD have classified this as an out-of-scope physical attack with no planned mitigations, leaving software countermeasures as the only defense option despite their high implementation costs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fmajor-us-telecom-backbone-firm-hacked-by-nation-state-actors%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/GuQJRfndwIib0dPB3V6VzyJswcoQDIUqFwrE2zzBXmo=429">
<span>
<strong>Major US Telecom Backbone Firm Hacked by Nation-State Actors (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Ribbon Communications has suffered a breach in which attackers had access to its IT network from December 2024. No sensitive data exfiltration has been confirmed. Some customer files outside the main network were accessed, but notifications have been sent. The company does not anticipate a major operational or financial impact.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.techradar.com%2Fpro%2Fsecurity%2Fconduent-admits-its-data-breach-may-have-affected-around-10-million-people%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/lsvH-fMi-0qWeoLyumL5NC4AZD6dY4ZbD1Ra0DkmCco=429">
<span>
<strong>Conduent admits its data breach may have affected around 10 million people (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Conduent has confirmed a cyberattack exposed sensitive data of up to 10 million people. The breach, attributed to the SafePay ransomware gang, lasted nearly three months and compromised data such as Social Security numbers and medical information. Impacted individuals are spread across several states.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fresearch.eye.security%2Fprompt-injection-to-battle-shadow-ai%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/ibpTVev7LsbsCixxast-Qv1QVsalfh_vW2-aXmxq-Ys=429">
<span>
<strong>Battling Shadow AI: Prompt Injection for the Good (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers developed a defensive use of prompt injection to combat Shadow AI risks: hidden warnings embedded in corporate documents trigger alerts when users upload sensitive files to unapproved AI tools like ChatGPT or DeepSeek, successfully displaying disclaimers and, in some cases, blocking processing entirely. The team built an open-source prototype tool called "Prompt Injection for the Good" to test effectiveness across multiple LLMs and file types, finding that most models honor carefully phrased warnings in .docx, .pdf, and .eml formats. The warnings were not detected in heavily obfuscated text or by OCR-based tools. Security professionals should experiment with embedding defensive prompt injections in corporate document templates and sensitivity labels as a user awareness mechanism for Shadow AI. This creative approach has limitations, including inconsistent LLM behavior, potential conflicts with vendor anti-injection defenses, and the dual-use risk of the technique itself.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Faws.amazon.com%2Fblogs%2Fmessaging-and-targeting%2Fenhance-email-security-using-vpc-endpoints-with-amazon-ses%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/9Lqhb3E1VV_3uazM1GksEo65I9hjyL8ALMevjMjuxtk=429">
<span>
<strong>Enhance Email Security Using VPC Endpoints with Amazon SES (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Amazon offers the ability to use VPC endpoints for isolating network traffic and securing Amazon Simple Email Service (SES) SMTP connections. This walkthrough from AWS details the process for creating a secure SMTP configuration using VPC endpoints, security groups to limit SMTP traffic to approved networks, and IAM policies to limit SES usage to authorized accounts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F05G8L0/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/a9XKjLw_RF9VQ-PBs3hs-O7TIrYAtLCsRbuzOA57XZw=429">
<span>
<strong>10 npm Typosquatted Packages Deploy Multi-Stage Credential Harvester (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Socket has identified a campaign using 10 typosquatted npm packages that execute credential-stealing malware when installed. These packages exploit the npm postinstall lifecycle to run code automatically, showing a fake CAPTCHA and realistic installation prompts to deceive developers. The payload employs multiple layers of obfuscation, fingerprints victims by IP, and downloads a 24MB cross-platform information stealer that harvests credentials from system keyrings, browsers, and authentication services on Windows, Linux, and macOS.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Ffuture-architect%2Fvuls%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/VhTBqbqksTevwjTKv-C-n2dyOKbUAjnDCb5jkFGLV7I=429">
<span>
<strong>Vuls (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Vuls is an agent-less vulnerability scanner for Linux, FreeBSD, containers, WordPress, programming language libraries, and network devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhnsecurity.it%2Fblog%2Fbrida-0-6-released%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/vDwNN6MA_u1NUstLQO7SXdTp8iYn6lT287gir4f4N0o=429">
<span>
<strong>Brida 0.6 released! (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Brida 0.6 now supports Frida 17+ after breaking changes in Frida removed runtime bridges from GumJS, which affected many tools, including earlier Brida versions. The update features major JavaScript refactoring for Frida 17.3.2+ compatibility, support for frida-compile 19.0.4, new Host:Port and DeviceId modes, OkHttp hostname verifier bypass, improved Android root detection, and Gradle configuration. Mobile security testers should upgrade to Brida 0.6 for current Frida support. 0.6pre remains for legacy use with older Frida versions on incompatible devices. It's pending approval in Burp Suite's BApp Store but available on GitHub.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspektrum.ai%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/uYAWEaSuORLL0v8mwDQhrm8Fy3GxWkpDuUDqLWXlTi4=429">
<span>
<strong>Spektrum Labs (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Spektrum Labs delivers a cyber resilience platform that uses AI agents to continuously validate security posture and generate cryptographic proof of safeguards, enabling organizations to confidently demonstrate resilience to boards, customers, insurers, and regulators.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.trendmicro.com%2Fen_us%2Fresearch%2F25%2Fj%2Fpremier-pass-as-a-service.html%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/hQFLeSuqlSID6oDX8GGRgXWzQolZae5XVTDzoQO-49o=429">
<span>
<strong>The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Trend Micro researchers identified a sophisticated "Premier Pass-as-a-Service" model where China-aligned APT groups Earth Estries and Earth Naga collaborate by sharing access to compromised networks, with Earth Estries acting as an access broker that hands off already-compromised systems to Earth Naga for continued exploitation. The attacks targeted government agencies and telecommunications providers across APAC, Southeast Asia, and NATO countries using multiple deployment vectors, including CrowDoor backdoors, ShadowPad malware, and Cobalt Strike beacons delivered through DLL side-loading and compromised credentials. This emerging collaboration pattern complicates attribution efforts and represents an evolution beyond traditional initial access brokers, as threat actors share access at later stages of the kill chain (command-and-control phase) rather than just initial entry points, requiring defenders to move beyond process chain analysis and monitor for suspicious file deployments and unauthorized remote administration tools.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fflatt.tech%2Fresearch%2Fposts%2Fllm-framework-vulns-exposed%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/EJGvTxBDb-QR7VpZUircooM9lF1WChdi6RqRWsG89HA=429">
<span>
<strong>Security Risks of LLM Frameworks with Case Studies (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Critical vulnerabilities across major LLM frameworks, including SSRF, path traversal, SQL injection, RCE, server-side template injection, and DoS, arise from insufficient input validation, unsafe code execution features, and flawed integration with external resources. They stem from common implementation mistakes, including failing to validate URLs and paths in web crawlers, executing LLM-generated SQL without proper sanitization, failing to enforce import restrictions in code execution environments, and setting inadequate resource limits for streaming operations. Developers should avoid experimental/deprecated framework features, implement strict input validation using allowlists for URLs and paths, separate templates from user data, restrict LLM permissions to the minimum necessary levels, and apply multi-layered defenses.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.imperva.com%2Fblog%2Fcve-2025-62725-from-docker-compose-ps-to-system-compromise%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/09bhFsDfVpvsIsvoEJjyjcJaTTVJn-OG55Wg7KCrDms=429">
<span>
<strong>CVE-2025-62725: From "docker compose ps" to System Compromise (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A path traversal vulnerability in Docker Compose allowed attackers to write arbitrary files on host systems by crafting malicious OCI artifacts. The bug was triggered by seemingly harmless commands like 'docker compose ps', enabling attackers to escape the cache directory and gain SSH access by injecting public keys into authorized_keys files. Docker patched this high-severity flaw (CVSS 8.9) in version v2.40.2.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fwordpress-security-plugin-exposes-private-data-to-site-subscribers%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/_17cpuKAi3tW9k9SiN88_uPxU8qdf8QywQ48Zk5fPvA=429">
<span>
<strong>WordPress Security Plugin Exposes Private Data to Site Subscribers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security researchers have found a vulnerability in a WordPress security plugin that allows authenticated users to access any server file due to missing capability checks, affecting over 100,000 servers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bankinfosecurity.com%2Ffrancisco-partners-to-buy-apple-security-firm-jamf-for-22b-a-29877%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/p85gq_lvs-p9748WDMDtrFn_O5-zEWJvOcifdS9DPcc=429">
<span>
<strong>Francisco Partners to Buy Apple Security Firm Jamf for $2.2B (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Private equity firm Francisco Partners announced that it will buy endpoint security software firm Jamf.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F10%2F29%2Fbrash_dos_attack_crashes_chromium%2F%3Futm_source=tldrinfosec/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/pV6-nnt3rnvkRE8QV4ijM-eHT-vdk6_Wel3nQ2XYQHw=429">
<span>
<strong>This Security Hole Can Crash Billions of Chromium Browsers, and Google Hasn't Patched It Yet (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security researcher found a denial of service flaw in Chromium's Blink engine caused by missing rate limiting on document.title updates, which was effective on nine out of eleven major browsers tested.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/8JfnTivGmQfElb37mhrOl7V7dMJJd1bsW6RPhYVaP2w=429"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/gGSfL_o24jT6uqZ7KxdbGYcKnqs6dpHHh82DaGda3sc=429"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a3a60cd44-44e4c1f0-a97d-458d-ac48-d03b91cedd1a-000000/18GD1WnpYSTxAcbjmecacKjDmed8W5ZMhbYivrSfos4=429"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>