<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=live-november-7-primary-infosec-newsletter/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/14Zijljjhyl6-RnBhswLhnnAV2v2dRhJpXdhR71fXAc=430"><img src="https://images.tldr.tech/1password-2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="1Password"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-07</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=live-november-7-primary-infosec-newsletter/2/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/KuO_nMMDuRy2UNgRcDRqjI3O8Knps1oP3h4_4ozjMf8=430">
<span>
<strong>Webinar: How Reddit matured access management with 1Password (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Poorly-managed passwords are the #1 cause of breaches, and they leave IT teams struggling with fragmented access management and manual onboarding/offboarding processes. Reddit was dealing with all these challenges, plus a compromised security vendor. They needed a solution that reduced credential risk without slowing down their employees.<p></p><p>In this webinar, Reddit's Sr. Manager of Enterprise Security & Systems, Nick Fohs, shares the inside story of how his team used 1Password to manage credentials across the entire company. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=live-november-7-primary-infosec-newsletter/3/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/PIQbYYId3iY5AdncZXpHbkGFoYpY1m1Y8D3Pekw87Eo=430" rel="noopener noreferrer nofollow" target="_blank"><span>You'll get a first-hand look at the problems they faced, and the impact 1Password has had on security and efficiency.</span></a></p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=live-november-7-primary-infosec-newsletter/4/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/vHCx6Nnl4mepxEvZEp5m2fDd52pBvK7uM4sFeXzX364=430" rel="noopener noreferrer nofollow" target="_blank"><span>Register now</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhyundai-autoever-america-data-breach-exposes-ssns-drivers-licenses%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/ahqJ8V_Ji2YGshW8nDmxGNX_Bxgp9IbGgFenamW5cc0=430">
<span>
<strong>Hyundai AutoEver America Data Breach Exposes SSNs, Drivers Licenses (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hyundai AutoEver America, which provides IT services for Hyundai and Kia affiliates, reported a data breach. The breached data includes names, SSNs, and driver's licenses. The disclosure did not state whether the breach only included employee data or also included customer data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalicious-android-apps-on-google-play-downloaded-42-million-times%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/O_LVNAlZeOUmS3PzWaUlnCFAb9jCQqdr_AmJj-j1dmY=430">
<span>
<strong>Malicious Android Apps on Google Play Downloaded 42M Times (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers from Zscaler report that an estimated 239 malicious apps were downloaded 42 million times from the Google Play Store between June 2024 and May 2025. Zscaler noted a 67% year-over-year growth in malware targeting mobile devices during this period. Zscaler has identified three malware families that had a notable impact on Android users: the Asta banking trojan, the Android Void Android TV backdoor, and the Xnotice RAT.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wordfence.com%2Fblog%2F2025%2F11%2F400000-wordpress-sites-affected-by-account-takeover-vulnerability-in-post-smtp-wordpress-plugin%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/awFKTraamg3JZGLRfd1jzfNEBlhjbyGikB04q4ERhes=430">
<span>
<strong>400,000 WordPress Sites Affected by Account Takeover Vulnerability in Post SMTP WordPress Plugin (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Over 400,000 WordPress sites are at risk due to a severe vulnerability in the Post SMTP plugin, which allows hackers to view password reset emails and potentially take over accounts. Exploitation is already underway. Users must urgently update to version 3.6.1 to prevent their site from being compromised.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Faws-credentials-misconfigurations-cloud-breaches%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/39nc0XdweOO4e3F4kBDhi-z-mPKUVx25vGNUM3g1OEI=430">
<span>
<strong>Credentials and Misconfigurations Behind Most Cloud Breaches, Says AWS (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The "Building Cloud Trust" report by AWS and Vanson Bourne surveyed 2,800 organizations across 13 countries, revealing that about 80% experienced data breaches in the past year, with common attack vectors including vulnerability exploitation, compromised credentials, misconfigurations, and physical theft. Attackers are increasingly using stolen credentials through methods like VPN/VDI abuse, AI-enabled phishing, and legitimate tool exploitation, with a predicted shift toward targeting non-human identities protected by single-factor authentication. To combat these threats, security teams should focus on cloud security posture management, adopt phishing-resistant MFA, enforce least privilege access, and prioritize patching internet-facing infrastructure, while acknowledging human error as a primary cause.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frisk3sixty.com%2Fblog%2Fattacking-self-hosted-gitlab%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/RBRxLOkRToT0ZxwqHrTvBPqo_AlzdhF7FgM-CdTDIiQ=430">
<span>
<strong>Breaking Into GitLab: Attacking and Defending Self-Hosted CI/CD Environments (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Attackers can abuse globally scoped GitLab instance runners to execute arbitrary code and pivot into cloud environments if runners are configured with shell executors and attached IAM roles. Once a runner is compromised, the attackers can scrape build artifacts and environment files to steal secrets, SSH keys, or cloud credentials. Strategic defense centers on eliminating global runners, enforcing containerized job isolation, tightening IAM role scoping, and restricting access to the GitLab instance to reduce blast radius.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fconnormcgarr.github.io%2Fsecure-calls-and-skbridge%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/89yXXXV6E4Up-WPVklnheXTsjyMecrwvcyEawcSJsos=430">
<span>
<strong>Windows Internals: Secure Calls - The Bridge Between the NT Kernel and Secure Kernel (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Secure Calls are a mechanism in Windows that allows the “regular” (NT) kernel, residing in virtual trust level (VTL) 0, to communicate with the secure kernel (SK) operating in VTL 1. Secure calls are implemented as a hypercall with the hypervisor brokering the connection. In this post, the author reverse-engineers the secure call process and structure and introduces a tool for making secure calls with user-supplied arguments.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vectra.ai%2Flp%2Fdemo%3Futm_source=tldr%26utm_medium=display%26utm_campaign=26Q3_C_AMS_PRO_TLDR-Newletter/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/bzwP3xNgScBVQuWKWr0pdrSlcDh-1DWIBj6Jl4-rDgk=430">
<span>
<strong>Texas A&M saved $7M with Vectra AI - see how it works in real time (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
When cloud, identity, and network tools operate in silos, they can't stop fast-moving attacks. Vectra AI's Attack Signal Intelligence™ connects the dots for faster MTTD, fewer false positives, and stronger SOC performance. See how in the <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vectra.ai%2Fresources%2Fbest-practices-guide-how-to-test-an-ndr-solution-effectively%3Futm_source=tldr%26utm_medium=display%26utm_campaign=26Q3_C_AMS_PRO_TLDR-Newletter/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/IOFg_ozs-nPCMwDQgBRpfGGDfwqgoPxRVdn-z3VZmNU=430" rel="noopener noreferrer nofollow" target="_blank"><span>Best Practices Guide: How to Test an NDR Solution Effectively</span></a>. Want to experience it firsthand? <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vectra.ai%2Flp%2Fdemo%3Futm_source=tldr%26utm_medium=display%26utm_campaign=26Q3_C_AMS_PRO_TLDR-Newletter/2/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/YxG8AwkZRNm3kx9g0lQ8klWRQSw3LX5k2skOJn9aL1Y=430" rel="noopener noreferrer nofollow" target="_blank"><span>Book a demo</span></a>.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Flwthiker%2Fcurl-impersonate%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/_Y_DIdkwd4-6uXkY0uSUZ1kT20WgVZ71Oy7Ekpr70lY=430">
<span>
<strong>curl-impersonate (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
curl-impersonate is a special build of curl that can impersonate Chrome, Edge, Safari, and Firefox.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2F6mile%2Fundelete%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/EiLbPALdD16a219PfI2iapbavvFHwzivVmRMgm9Laag=430">
<span>
<strong>undelete (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This tool recovers deleted NPM packages by querying five registries (npmjs.org, cnpmjs.org, npmmirror.com, huaweicloud.com, and tencent.com) to download 1-20 recent versions with metadata, including usernames, emails, and maintainer information, utilizing auto-retries and security filtering. Security researchers can retrieve discontinued malicious packages for malware analysis and threat intelligence. Features include custom output, silent mode with JSON, and no external dependencies, making deployment easy. Teams use this for post-incident recovery, building malware collections, and investigating suspicious packages that have been quickly removed from NPM.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.malanta.ai%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/GJgv7PVTM7-uPeAXnynCra63ONMd-1EJSH_PDW4tjKA=430">
<span>
<strong>Malanta (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Malanta is a cybersecurity startup that uses AI to detect the digital traces attackers leave during attack setup, so that it can forecast and dismantle malicious infrastructure before attacks occur. Its technology provides advance warning and proactive defense for clients.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fus-cyber-readiness-crisis-f5-breach-cisa-job-cuts-shutdown-op-ed%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/y0pHUz078HsxZjDND5_a26oHmZLOGgFVUdp4f6sAp4g=430">
<span>
<strong>How the F5 breach, CISA job cuts, and a government shutdown are eroding US cyber readiness (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A China-linked breach of F5's BIG-IP software exposed source code and undisclosed vulnerabilities, creating a path for custom exploits against critical infrastructure and government networks. At the same time, significant workforce cuts at CISA and a federal shutdown are degrading incident response capacity, election protection efforts, and national coordination. Security teams should assume reduced federal support and prioritize proactive hardening, continuous monitoring, and supply chain risk management across high-impact edge and network devices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fai.meta.com%2Fresearch%2Fpublications%2Fcybersoceval-benchmarking-llms-capabilities-for-malware-analysis-and-threat-intelligence-reasoning%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/PfHxCTeS-81fc-RRGJqFBj55OgUhJ8wuwOeOl0aD2dE=430">
<span>
<strong>CyberSOCEval: Benchmarking LLMs Capabilities for Malware Analysis and Threat Intelligence Reasoning (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers from Meta and CrowdStrike introduced the open-source CyberSOCEval benchmark to assess large language models (LLMs) on two critical SOC tasks: malware analysis and threat intelligence reasoning. Technical findings show that current models score only ~15-28% on malware analysis and 43-53% on threat-intelligence reasoning, highlighting significant gaps in interpreting JSON logs, mapping attack chains to MITRE ATT&CK, and reasoning about multi-hop adversaries. Security teams should be cautious about off-the-shelf LLM reliance, instead using these benchmarks to validate models, augment human analysts rather than replace them, and prioritize training with domain-specific cyber data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FcLXf6k/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/i-VcfhlrNLOlrK3IwXGNPr5u0QIwOJkkP9QeOxMzr1A=430">
<span>
<strong>Meta is Earning a Fortune on a Deluge of Fraudulent Ads (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Internal documents from late last year predicted that Meta would earn about 10% of its overall annual revenue ($16 billion) from fraudulent ads. Meta's automated system only bans advertisers if it is 95% certain that the ads are malicious. Otherwise, the advertisers are simply charged a higher rate. Documents also show that users who click on these scams or malicious ads are more likely to see them in the future.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fcourt-reimposes-original-sentence-for-capital-one-hacker%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/qOQOBxuC1jOAWfpUMFtUO_tKwuaGewYOWbWRyVIgw04=430">
<span>
<strong>Court reimposes original sentence for Capital One hacker (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A federal judge reaffirmed a non-custodial sentence for the engineer behind the massive Capital One breach, maintaining supervised release and restitution rather than prison time despite appeals arguing the punishment was too lenient.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F11%2F05%2Fms_pegs_cyberattack_cleanup_costs%2F%3Futm_source=tldrinfosec/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/sJ4A41jUIAwWJVHSUFFPMBAyXuVG42BHdL8YIxgzon0=430">
<span>
<strong>M&S pegs cyberattack cleanup costs at £136M as profits slump (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Marks & Spencer faced a £136 million cleanup bill for a cyberattack. Halted online operations and expensive recovery efforts hurt the retailer's profits, which dropped by over 55%.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FGg53Pe/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/EU8k6fulcIc5YvYSEYaZ5tvhPx5iJ_uPO7AZKdpwYMc=430">
<span>
<strong>SonicWall Firewall Backups Stolen by Nation-State Actor (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Nation-state attackers breached SonicWall's cloud backup, stealing firewall configs but no other data.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/UFcfG1hWUXm0a7VyYz6ZnSEEGRd21PpYmG-0a1ju0RM=430"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/ezuYwqp_6rIgs8i50CY1TpocC8RjAV6IPVezmwUbBLw=430"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a5ea38671-0e1ad68f-569a-4556-9719-ca5c31d2af36-000000/hMwcDilZAramgZXQmcsUw69k3zyVZDuvh8WSH43A42Y=430"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>