<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-05</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Foperation-skycloak-deploys-tor-enabled.html%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/x2ZcIP2Tzcz0BZrCESy3mzQ2pE1xyYqg7P6MnjDRPHs=430">
<span>
<strong>Operation SkyCloak Deploys Tor-Enabled OpenSSH Backdoor Targeting Defense Sectors (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Operation SkyCloak uses phishing emails with military document lures to deploy sophisticated backdoors targeting defense sectors in Russia and Belarus, establishing persistent access through legitimate OpenSSH services and customized Tor hidden services with obfs4 traffic obfuscation. The malware performs environmental checks to evade sandboxes, creates scheduled tasks for persistence, and enables remote access to critical Windows services (RDP, SSH, and SMB) through anonymous Tor addresses using pre-installed cryptographic keys. Security professionals should monitor for unusual scheduled tasks named after legitimate applications, implement network monitoring for Tor traffic patterns, and enhance email security controls to detect phishing campaigns using military-themed lures targeting defense organizations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftimesofindia.indiatimes.com%2Fcity%2Frajkot%2Finside-indias-voyeur-web-80-cctv-dashboards-hacked-across-20-states-hospitals-schools-homes-streamed-to-porn-channels-50000-clips-sold%2Farticleshow%2F125073851.cms%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/mRsYnED5D0ElP3SgecFhPuTIHF_YyOTllGqucre8G38=430">
<span>
<strong>Inside India's Voyeur Web: 80 CCTV Dashboards Hacked Across 20 States (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Investigators in India discovered a cybercrime ring that hacked into 80 CCTV dashboards across schools, hospitals, and homes and sold clips to an international porn fetish network. The attackers were able to access the dashboards because the dashboards used default passwords such as 'admin123'.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmedia-giant-nikkei-reports-data-breach-impacting-17-000-people%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/-NDMWxBE-kcZyR9dSDdiTWJhwjqLOmKlgze27o3UFX0=430">
<span>
<strong>Media Giant Nikkei Reports Data Breach Impacting 17K People (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Japanese publishing giant Nikkei, which owns international brands such as The Financial Times, reported that its Slack platform was breached. An account was breached via stolen credentials from an employee's computer. Messages sent by over 17K members of the Slack organization were stolen. Nikkei stated that no data related to confidential sources was available.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.philvenables.com%2Fpost%2Fsecurity-leadership-master-class-1-leveling-up-your-leadership%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/fMT9CWh0FDV9yLOKhM5Vy0v9KLbcafulRjbAwogjVws=430">
<span>
<strong>Security Leadership Master Class 1: Leveling Up Your Leadership (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Effective security leaders understand that they must act like business executives, not IT managers: they must focus on creating a high-level strategy, master business-oriented communication, manage executive expectations, proactively communicate successes, and manage the narrative. Security leaders should also work at the team level to build resilient teams, develop scalable systems, prioritize areas that require more effort, take personal accountability, and engage with the professional community. This is part one of a 7-part series by Phil Venables on security leadership.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgoogleprojectzero.blogspot.com%2F2025%2F11%2Fdefeating-kaslr-by-doing-nothing-at-all.html%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/GhjmYtlNFJNTE7RMfAfnZpB-MUKvLA905-f-zqZBgwI=430">
<span>
<strong>Defeating KASLR by Doing Nothing at All (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Kernel Address Space Layout Randomization (KASLR) on Android ARM64 devices can be completely bypassed without any exploits due to the Linux kernel's linear mapping being placed at a predictable virtual address (0xffffff8000000000) and Pixel phones loading the kernel at a static physical address (0x80010000). This allows attackers to calculate exact kernel virtual addresses for any data structure using simple arithmetic, effectively nullifying KASLR's protection against local kernel exploits on affected devices. The vulnerability stems from engineering decisions that prioritize memory hot-plugging support over security randomization, with both the Linux kernel team and Google considering this intended behavior and having no immediate plans for mitigation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2025%2F11%2F03%2Fsesameop-novel-backdoor-uses-openai-assistants-api-for-command-and-control%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/lkeU60V5YahYKZI8zqU9ensOAwctm4eRE0uAS6Z45Oo=430">
<span>
<strong>SesameOp: Novel backdoor uses OpenAI Assistants API for command and control (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A new cybersecurity threat called SesameOp leverages the OpenAI Assistants API as a covert channel for command and control, allowing attackers to communicate with malware undetected. By embedding its communication within legitimate API traffic, SesameOp enables persistent access and remote control of compromised systems while evading traditional detection methods. It achieves this by leveraging obfuscated code, secure encryption, and creative misuse of built-in API functionality, rather than exploiting specific software vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fmayanayza%2Fnetvisor%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/bG_vasN4BuDafCGaQcoUtIX57pjA7HwbPdTuFYbMgKc=430">
<span>
<strong>netvisor (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
netVisor is an open-source network topology discovery and visualization tool that automatically scans networks to identify hosts, services, and their relationships, generating interactive documentation of network infrastructure. The tool employs a server-daemon architecture, where lightweight agents perform network scanning from multiple vantage points (supporting VLAN mapping) and report to a central PostgreSQL-backed server. This server generates visual topology maps, automatically detecting over 50 common services, including virtualization platforms, network infrastructure, and security tools. Security teams can leverage this for asset inventory, network segmentation validation, and maintaining up-to-date network documentation without the need for manual diagramming.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Faditya01933%2FSlopGuard%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/YYvuwtu92fHsDPQK-Ep_wkIVO2Cd0Ck26_tVZ0eWxR4=430">
<span>
<strong>SlopGuard (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SlopGuard detects AI-hallucinated packages, typosquatting, and supply chain attacks with automated trust scoring. Zero maintenance, &lt;3% false positives, and multi-ecosystem support.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.neoncyber.com%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/CLvJzu8ZS12JSUrilUzh-w4vUuPf-r4WAZSX2b6ZELQ=430">
<span>
<strong>Neon Cyber (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Neon Cyber protects organizations by embedding a browser extension on managed devices, providing real-time protection against phishing and insider threats. It delivers deep visibility into user actions in the browser, following threats and giving analysts a complete forensic context without adding user friction.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fmalicious-vsx-extension-sleepyduck-uses.html%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/sWm3R6cYdTMgqnrkACXDgLbr1MpxcbUE3jphuiqj1Xw=430">
<span>
<strong>Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The SleepyDuck malware, disguised as a legitimate Solidity extension for Visual Studio Code, uses an innovative Ethereum smart contract-based command and control infrastructure to maintain persistent access even if primary servers are taken down. The malware activates when opening .sol files, connects to Ethereum RPC providers to communicate with contract address 0xDAfb81732db454DA238e9cFC9A9Fe5fb8e34c465, and polls for commands every 30 seconds while collecting system information and providing remote access capabilities. Security professionals should implement strict extension vetting processes, monitor network traffic for Ethereum RPC connections originating from development environments, and establish policies that require extensions to be sourced only from verified publishers with established reputations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fus-cybersecurity-experts-indicted-for-blackcat-ransomware-attacks%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/UAeJXSI_CSlgPGwVK3OdKoJW58_0xerRDgjzwXr2WqE=430">
<span>
<strong>US cybersecurity experts indicted for BlackCat ransomware attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Three former cybersecurity incident response professionals from DigitalMint and Sygnia face federal indictment for allegedly operating as BlackCat/ALPHV ransomware affiliates, attacking five US organizations between May and November 2023 with ransom demands ranging from $300,000 to $10 million. The defendants exploited their insider positions as ransomware negotiators and incident response managers to gain unauthorized network access, steal data, deploy encryption malware, and demand cryptocurrency payments while only successfully extracting $1.27 million from one Tampa medical device manufacturer. Security teams should scrutinize third-party incident response providers and implement strict access controls. This case highlights the severe risk of insider threats when trusted security professionals abuse privileged access for financial gain.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F11%2F03%2Fmit_sloan_updates_ai_ransomware_paper%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/ugbVfLq_-ZAPgEk_x8NkG-9Lue4AWV9hEZoJEDpGgu4=430">
<span>
<strong>MIT Sloan quietly shelves AI ransomware study after researcher calls BS (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
MIT Sloan has withdrawn a paper claiming that over 80% of ransomware attacks are AI-driven following strong criticism by cybersecurity experts who found its claims unsubstantiated and its evidence lacking. Critics argued the research exaggerated AI's role in cyberattacks and pointed to possible conflicts of interest, causing MIT to promise an updated version.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-patch-for-wsus-flaw-disabled-windows-server-hotpatching%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/mOtmzxC6v5nXSYveD0XMITzD3ZP7N1NJ13BQCmDHvvQ=430">
<span>
<strong>Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft's emergency patch, KB5070881, for the actively exploited CVE-2025-59287 WSUS remote code execution vulnerability inadvertently disabled hotpatching on Windows Server 2025 systems, forcing affected organizations to choose between vulnerability remediation and zero-downtime patching capabilities until the corrected KB5070893 update or the January 2026 baseline becomes available.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fapple-patches-19-webkit-vulnerabilities%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/JMyvSVGNXEwEbM2Y7WAeygwRnb1LIok382glzTMnGes=430">
<span>
<strong>Apple Patches 19 WebKit Vulnerabilities (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Apple released iOS 26.1 and macOS Tahoe 26.1, patching over 100 vulnerabilities, including 19 WebKit browser engine flaws (many found by Google's Big Sleep AI).
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fapache-openoffice-disputes-data-breach-claims-by-ransomware-gang%2F%3Futm_source=tldrinfosec/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/UOPxPvj8kDQojeadtaUwaNs1uEkUBl5gzMUImbjyP5w=430">
<span>
<strong>Apache OpenOffice disputes data breach claims by ransomware gang (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Apache Software Foundation has denied the Akira ransomware gang's claims of breaching Apache OpenOffice and stealing 23GB of employee information, financial data, and internal files.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/hZOfpwmLrcVYELBJ8Uck8A5d4Q1wmxpzLIeJx9C8Jwk=430"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/-kgFDGZpZrGsdEKOg5iu1bR3Jb2JA0eELZbum-xR-No=430"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a54574ff7-1bc2166a-463d-40eb-b573-cb1716ed91ac-000000/Yyux8Nkhpu8UF8SrOxfrnR9H8gcW4sUZEssClZz2g_E=430"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>