<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fitdr-free-trial%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy25-11-camp-platform-global-prospect-iis-x-tldr_newsletter_1106%26hnt=8ppdtebukomo/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/TPjjJVULA9_r32K-uQd-Pno7daT704ypvfypGgTzvn8=430"><img src="https://images.tldr.tech/huntress.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Huntress"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-06</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fitdr-free-trial%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy25-11-camp-platform-global-prospect-iis-x-tldr_newsletter_1106%26hnt=8ppdtebukomo/2/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/p4kZCBn1u1RHRdCnlti-ZQNqJyHbbMDjkxjj6U8c-RY=430">
<span>
<strong>Dare to see what's lurking in your Microsoft 365 environment? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Threat actors don't need to break in anymore: they just log in. The <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fitdr-free-trial%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy25-11-camp-platform-global-prospect-iis-x-tldr_newsletter_1106%26hnt=8ppdtebukomo/3/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/acsgh43BrqtGyIt0UgLTwR8Ps9fsUx83xzefeqQ7uyc=430" rel="noopener noreferrer nofollow" target="_blank"><span>Huntress Identity Security Assessment</span></a> shows you where. Start a <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fitdr-free-trial%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy25-11-camp-platform-global-prospect-iis-x-tldr_newsletter_1106%26hnt=8ppdtebukomo/4/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/fUeJmfay2Cyo6Yg77jkyES_djMxzQv2G8XRdPSHVCto=430" rel="noopener noreferrer nofollow" target="_blank"><span>Managed ITDR trial</span></a> and you'll get a FREE customized report for your Microsoft 365 tenant, <strong>instantly.</strong>
<p></p>
<p>It shows you:</p>
<ul>
<li>Which accounts and logins look risky,</li>
<li>Rogue apps granting way too much access,</li>
<li>Hidden inbox rules attackers love to abuse,</li>
<li>Suspicious activity that screams "stolen creds."</li>
</ul>
<p>It's quick, visual, and maybe a little unsettling (in a good way). Happy hunting...</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fitdr-free-trial%3Futm_source=tldr%26utm_medium=email%26utm_campaign=cy25-11-camp-platform-global-prospect-iis-x-tldr_newsletter_1106%26hnt=8ppdtebukomo/5/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/lSMoQCEglvmbxW2Jpn86bvWjbhVosNGl0PXehiMUDLU=430" rel="noopener noreferrer nofollow" target="_blank"><span>Start your free trial + access the free assessment</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.cybersecuritydive.com%2Fnews%2Fresearchers-flaws-manipulation-microsoft-teams-messages%2F804636%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/jyiVqZy60dStNj84S4d2YpXIOXLhiHxi_0k8If0aMss=430">
<span>
<strong>Researchers Warn of Flaws That Allow Manipulation of Microsoft Teams Messages (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers from Check Point have discovered four vulnerabilities that allow attackers to manipulate Teams messages. The vulnerabilities could allow attackers to edit Teams messages without leaving the "edited" label, alter message notifications so they appear to be from a different sender, change the display name inside private chats, and alter caller identities in video and audio calls.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fcritical-react-native-cli-flaw-exposed.html%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/vWhiMLBUERC4fFoqghQsEmxomavAtAuQcyhZqLROKdY=430">
<span>
<strong>Critical React Native CLI Flaw Exposed Millions of Developers to Remote Attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A severe vulnerability in the widely used @react-native-community/cli npm package posed a high risk, allowing remote attackers to execute malicious OS commands on developers' machines running the React Native development server. Affecting millions and scoring 9.8 in severity, the flaw was patched in version 20.0.0.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fgoogle-uncovers-promptflux-malware-that.html%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/MULT6Aqu6bEI8YE62Vo7PrCwYDTNdYugVJAFckA36Qs=430">
<span>
<strong>Google Uncovers PROMPTFLUX Malware That Uses Gemini AI to Rewrite Its Code Hourly (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google identified PROMPTFLUX, an experimental malware that uses a hardcoded Gemini API key to query Google's LLM with prompts for code obfuscation and AV evasion. It was able to self-modify and rewrite its source code to evade detection. Believed to be in testing by a financially-motivated actor, the malware includes a "Thinking Robot" that logs AI responses, persists via Windows Startup, and attempts propagation through drives and network shares, though it currently has no real attack capabilities. Security teams should monitor LLM-assisted malware like other variants, implement API key rotation, and be aware of threat actors bypassing AI safety via social engineering.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Foauth-device-code-phishing-azure-vs-google-compared%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/4EnlvfWhNm0t69Q68UcJ6wBsKBoTM34Ksl6OMfQKltw=430">
<span>
<strong>OAuth Device Code Phishing: Azure vs. Google Compared (11 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Device code phishing exploits OAuth 2.0's legitimate device authorization flow to steal access tokens by tricking victims into authenticating attacker-generated device codes, with Microsoft Azure allowing attackers to request powerful scopes (including Primary Refresh Tokens) through undocumented "Family of Client IDs" while Google severely restricts device flow to only YouTube and Google Drive scopes. Azure's implementation enables attackers to use legitimate Microsoft URLs and APIs throughout the entire attack chain without requiring client authentication, making phishing campaigns highly effective at bypassing MFA and gaining initial access with tokens scoped to Graph API, Intune enrollment, or other sensitive resources. Security teams should implement Conditional Access policies that restrict device code authentication, monitor suspicious device code flow usage patterns in Azure sign-in logs, educate users about the risks of entering codes from unsolicited communications, and consider Google's restrictive scope model as a defensive blueprint for limiting OAuth attack surface.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.plerion.com%2Fblog%2Ftrust-relationships-in-bedrock-service-roles%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/DHPIUQ7pGh45WdVuj2TLcG7Et-sMARfiytsqecRJgqs=430">
<span>
<strong>Bedrock'n'roll: Annoying Trust Relationships in Bedrock Service Roles (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Amazon Bedrock provides a wizard for creating execution roles using the Agent Builder UI. The trust policy on the created role allows any agent in the account to assume the role by default via a wildcard aws:SourceArn condition. Users should ensure that this condition is scoped to their specific agent.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpulse.latio.tech%2Fp%2Fdeveloper-mdm%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/PHRNkpFHZgFF5jECPysyxVSMD1WD7RWeBhqTTtvfIcQ=430">
<span>
<strong>Fixing the Blindspot in Endpoint Security (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Deploying Mobile Device Management (MDM) solutions to developer endpoints often presents complications, as security tools are sometimes not well-suited to developer workflows. This leads to many organizations putting in extensive exemptions for developer endpoints, significantly weakening their security posture. This post advocates for a developer MDM that operates by injecting visibility using existing agents such as Zscaler and CrowdStrike.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.sprinto.com%2Flp-soc-2-newsletter%3Futm_source=Newsletter%26utm_medium=Referral%26utm_campaign=TLDRInfosec%26utm_term=6thNov/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/NdPseHAuXbyi3lowvfXEKmXZyLE6VqTy2WFlV8Z-4Ww=430">
<span>
<strong>How compliance teams can save 15+ hours/week with Agentic AI (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SOC 2 and ISO 27001 shouldn't eat 40% of your team's time in 2026. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.sprinto.com%2Flp-soc-2-newsletter%3Futm_source=Newsletter%26utm_medium=Referral%26utm_campaign=TLDRInfosec%26utm_term=6thNov/2/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/1OkJKRWMJY9-4_YauyUCik_1ZYk7xhHnFLdBiEVergA=430" rel="noopener noreferrer nofollow" target="_blank"><span>Sprinto</span></a> uses Agentic AI to autonomously collect evidence, monitor risks, and keep you audit-ready. Anaconda got compliant with Sprinto and closed a seven-figure deal within weeks. <a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.sprinto.com%2Flp-soc-2-newsletter%3Futm_source=Newsletter%26utm_medium=Referral%26utm_campaign=TLDRInfosec%26utm_term=6thNov/3/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/4nELdym2a6s7S_KYD5kPwkP3E94fqzzVMOrHKgwUjHo=430" rel="noopener noreferrer nofollow" target="_blank"><span>TLDR readers get $1,000 off</span></a> + an Ultrahuman Ring once you get compliant.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FLissy93%2Fpersonal-security-checklist%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/i9k68SsbU-UlPtHiRJsaiHkdek0vjLDhvUdU9whlAag=430">
<span>
<strong>Personal Security Checklist (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A compiled checklist of 300+ tips for protecting digital security and privacy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fvega.io%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/G9ykT53l-DCioZBN_fmSjWVyKypbEYH1b2Q2ZxoaUBU=430">
<span>
<strong>Vega (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Vega delivers AI-powered security analytics and operations. It streamlines SOC workflows by analyzing data in place, surfacing critical alerts, and automatically fixing coverage gaps and noisy rules for faster response.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.acunetix.com%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/_FlGyVtwJ91P7EMMwBe_y9764d49agbxsoDr8vapcvw=430">
<span>
<strong>Acunetix (Product)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Acunetix is a comprehensive web application vulnerability scanner that performs in-depth testing of modern, JavaScript-heavy apps, APIs, and traditional web platforms to identify issues such as SQL injection, XSS, and complex logic flaws, all with low false positives through automated verification. It seamlessly integrates into CI/CD pipelines to enable continuous security testing during development and offers compliance reporting for standards such as PCI DSS, HIPAA, GDPR, and OWASP Top 10. Security teams can utilize Acunetix for pre-production assessments, embed it into DevSecOps workflows for early testing, and leverage its API scanning capabilities to secure microservices and GraphQL endpoints that are often missed by traditional scanners.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F11%2F04%2Fphone-location-data-of-top-eu-officials-for-sale-report-finds%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/R1n6GkyC2lTzzBVPsUBvIJdPYg1LFtaIiqK9X1o9Gbg=430">
<span>
<strong>Phone location data of top EU officials for sale, report finds (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Journalists discovered that location data from top EU officials was being sold by brokers, making it easy to track officials' movements, even with Europe's strict privacy laws. A leaked dataset revealed precise information on officials' whereabouts and highlighted weak enforcement against brokers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fgoogle-chrome-autofill-passports-licenses-safe%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/n1MtqTDrZbgfHiRHndiq4ncR3jJbFFzZwMedfgEIaDM=430">
<span>
<strong>Google Expands Chrome Autofill to Passports and Licenses, But Is It Safe? (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google Chrome now supports autofill for sensitive documents like passports and driver's licenses, with encryption and user consent. However, security experts warn that this centralizes critical identity data in a vulnerable location, contradicting cybersecurity advice against storing such info in browsers. Malware like Shuyal Stealer targets browser-stored credentials, and Chrome autofill data isn't stored securely. Security teams should advise against storing sensitive IDs in autofill, enforce policies to restrict this in workplaces, monitor for info-stealer malware, and recommend dedicated password managers with stronger encryption instead of browser storage.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkrebsonsecurity.com%2F2025%2F11%2Fcloudflare-scrubs-aisuru-botnet-from-top-domains-list%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/-mi5OWYLWQ4eVmZYyPWdpFfiNddvbq6P7oF1nWKxGFw=430">
<span>
<strong>Cloudflare Scrubs Aisuru Botnet from Top Domains List (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Aisuru botnet, with hundreds of thousands of compromised IoT devices and 30 Tbps DDoS power, manipulated Cloudflare's domain rankings by switching from Google's 8.8.8.8 DNS to Cloudflare's 1.1.1.1 in October. This caused malicious domains, mainly in the .su TLD, to outrank major companies like Amazon and Google due to massive DNS queries. The incident revealed vulnerabilities in trust-based domain ranking systems, which treat highly-ranked domains as trustworthy, and attackers used mainly US-based compromised devices from ISPs such as AT&T and Verizon. Security teams should monitor DNS connections to the .su TLD, block it if needed, and avoid relying solely on domain popularity for trust, as DNS query volume can be artificially inflated by botnets.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.strongdm.com%2Fblog%2Fgartner-magic-quadrant-privileged-access-management%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/dzbHsd_5hcaI2d6HYyWFhlJPizLr7nIKpAZMF6lyH1k=430">
<span>
<strong>How Gartner sees the PAM market - and why StrongDM debuted in the latest Magic Quadrant (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The market is in flux - with new vendors like StrongDM building platforms that focus on authorization, not just authentication, as the primary control plane. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.strongdm.com%2Fblog%2Fgartner-magic-quadrant-privileged-access-management/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/E4_kIMn7i55BHonV71zMzRZ26WI6U5wWM9DASrqk9uI=430" rel="noopener noreferrer nofollow" target="_blank"><span>Read the blog</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fcisa-warns-of-cwp-vulnerability-exploited-in-the-wild%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/THZQ-rJFJnMul7wmv4srJ2A7cv81EHjsi8HGHUCuGYA=430">
<span>
<strong>CISA Warns of CWP Vulnerability Exploited in the Wild (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A newly discovered critical flaw in Control Web Panel (CWP) lets remote attackers execute commands without authentication.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Feuropol-and-eurojust-dismantle-600.html%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/oXR31Shbbgf7x9HkNToQ67BUNl704IXsakyQ63q2Gds=430">
<span>
<strong>European Authorities Dismantle €600 Million Crypto Fraud Network in Global Sweep (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
In a major international operation, law enforcement agencies have shut down a vast crypto fraud ring, arresting nine suspects accused of laundering €600 million.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fapple-security-update-november-2025%2F%3Futm_source=tldrinfosec/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/KJgSIG-nbbNkbudSnXIbV9UnH4UegPQx5TeiFdKXI1g=430">
<span>
<strong>Apple addresses more than 100 vulnerabilities in security updates for iPhones, Macs, and iPads (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Apple released unusually large security updates patching 105 vulnerabilities in macOS 26.1 and 56 in iOS/iPadOS 26.1.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/kq0PBk_6Sl1X0YeKzIRXngpKVZVUX-o9FnqhuAsNr1U=430"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/1V0_bdRP1JCk9AONoHW5zClgvgFWHUB28zOIdSc7nN8=430"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a597e7a8f-ce089160-198b-434f-8396-1092ea38ead5-000000/LBjFFikDyRzoIN8GpPwaVTlecqw7Z29EL1ihJpKSfRU=430"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>