<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Qilin ransomware group breached Cornerstone Staffing Solutions, exfiltrating 300GB, including 120,000 resumes, SSNs, and employee salary data </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/guCEX94djTHz-Gv_cfxd6FJ8POwFEKDPwjm6nSFrRuk=431" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/3g0F6wXvUMUNPINmnOf--n2B2qnSBVu2Er1JwAW42-w=431" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=1e8c33b6-c464-11f0-9e02-11b5f264909b%26pt=campaign%26t=1763482210%26s=d1c0217785141db3737651820fe6819735e5b18a54968fd632ae3e7b64a147ca/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/yWtnTGgDZkWznO8_hfV3i-d_PRdlOYhfYYxGtB-qbG8=431"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fsecurity-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20251118/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/C0oyXBBqeDfoDvYC7tvl670oo5H_Rvet3dNILeGDojE=431"><img src="https://images.tldr.tech/adaptive.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Adaptive Security"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-18</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fsecurity-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20251118/2/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/0r9r7lNfUp_zP_myRTyPrnRw5BFt4bDbU2W-ag2K-3o=431">
<span>
<strong>When your CEO calls, will you know it's real? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Today's phishing attacks involve AI-generated voices, videos, and interactive deepfakes of company executives. They fool 99% of people.<p></p><p>Adaptive Security - backed by <strong>$65M+ in funding from OpenAI and a16z</strong> - is the first <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fsecurity-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20251118/3/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/ZL28_hYfAdt7-n8Yk4ZLt06yOUWMTQazy9fLhon6PrA=431" rel="noopener noreferrer nofollow" target="_blank"><span>security awareness platform built to stop AI-powered social engineering</span></a>. Adaptive trains your team with tools that stay one step ahead:</p>
<ul>
<li>Deepfake attack simulations featuring your real executives in realistic attack scenarios</li>
<li>Interactive, personalized training content tailored for each employee</li>
<li>AI-driven risk scoring that reveals what attackers can learn from your public data</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fsecurity-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20251118/4/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/kXmwCjCfRP7GxUPbiN-MD4JxT5qKGcgeCyKcnxQZ97o=431" rel="noopener noreferrer nofollow" target="_blank"><span><strong>>> Book a demo</strong></span></a><strong> </strong>and chat with a custom interactive deepfake of your CEO</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fself-guided-tour%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20251118/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/DuFl1Zxs39nHkSFJD50uzfNE1w4htB4NcLp98yivnVg=431" rel="noopener noreferrer nofollow" target="_blank"><span><strong>>> Take a tour</strong></span></a><strong> </strong>of the platform (3 minutes)
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F6yrutW/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/9Ca_q-deCF-luFhzmSLcqAmCaIsq1h8YsM3uiGHrizs=431">
<span>
<strong>Cornerstone staffing ransomware attack leaks 120,000 resumes, claims Qilin gang (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Qilin ransomware group breached Cornerstone Staffing Solutions, exfiltrating 300GB, including 120,000 resumes, SSNs, employee salary data, and internal financial records. The Russian-linked group has become 2025's most active ransomware operation with 991 victims since 2023, employing double extortion tactics and recently allying with LockBit and DragonForce. Security teams should expect increased targeting of staffing agencies and organizations storing large volumes of PII. Threat actors are leveraging the stolen resumes for sophisticated phishing campaigns.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Flogitech-confirms-data-breach-following-designation-as-oracle-hack-victim%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/ihPUfcOHQxdMcxYYIgZY6qoYEOg0M2X7USDJidXES7o=431">
<span>
<strong>Logitech Confirms Data Breach Following Designation as Oracle Hack Victim (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Logitech has acknowledged a data breach after being listed by Cl0p ransomware, but did not confirm a connection to Oracle. The attack likely exploited a zero-day vulnerability in third-party software, allowing some employee, consumer, customer, and supplier information to have been copied. No sensitive data, such as IDs or credit cards, appears to have been affected.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F11%2F17%2Feurofiber_breach%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/_ljQ7ya7XVl_RKEYrvnG1DHX2OlCbkjZQgJhYr-w6c4=431">
<span>
<strong>Eurofiber admits crooks swiped data from French unit after cyberattack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Eurofiber's French branch suffered a cyberattack on November 13 that exposed company data through a vulnerability in its ticket platform. Eurofiber claims that no banking data was exfiltrated, and the flaw has now been resolved. However, the attackers sought extortion for an unspecified amount of data. The company is working with authorities and clients to determine the incident.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Faws.amazon.com%2Fblogs%2Fsecurity%2Fusing-aws-secrets-manager-agent-with-amazon-eks%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/DKgxVMflwEmyBkHwcY5pvEg1WUeO3bTKxPqBauoxWXg=431">
<span>
<strong>Using AWS Secrets Manager Agent with Amazon EKS (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AWS Secrets Manager Agent simplifies the retrieval of secrets in EKS clusters. The Secrets Manager Agent is a client-side agent that retrieves and caches secrets in your compute environment, allowing applications to consume secrets directly through an in-memory cache via a local HTTP endpoint. The agent implements pod identity to provide authentication and access control.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpulsesecurity.co.nz%2Farticles%2Fbypassing-wifi-client-isolation%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/VPouWyGVg31B3N0LfSzWRdP2KeXRbs1IFJPGiJY9liA=431">
<span>
<strong>Bypassing WiFi Client Isolation (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Client isolation is a security feature that prevents devices connected to the same network from communicating directly with each other. A device can spoof WiFi frames with the From-DS to bypass the Access Point (AP) and make a client think the communication is coming from the distribution system instead of directly from a client. In an encrypted network, the attacker will also need to spoof the WPA 4-way handshake or use a tool like aircrack-ng to deauthenticate a victim device.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.youtube.com%2Fplaylist%3Flist=PL0afnnnx_OVBJFAJKhUnZNPJtzbcB_owK%26utm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/Bp5eCkQgPoXiX2bk9nYd1jJ4NSzqexrjEnPZjIyE2eQ=431">
<span>
<strong>Hear CISO stories from the frontline in the Wake Up! Podcast by Veeam (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Meet the humans behind the attacks. Hear real stories from CISOs who faced a cyber crisis including how they navigated the chaos, made tough calls, and built resilient teams. Learn what they did right (and wrong). Listen on <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fopen.spotify.com%2Fshow%2F5L0EZacHliEMNi5KC6whaf%3Fflow_ctx=e9757686-c4ea-4979-927d-96fd8628a930:1761264021%3Futm_source=tldr%26utm_medium=email%26utm_campaign=2025-veeam-brand%26utm_content=wake-up-vodcast/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/-W9_XI1TK9pCq9t3Skhh9lBDSoRe7asLa5L3SW_kg7M=431" rel="noopener noreferrer nofollow" target="_blank"><span>Spotify</span></a> / <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpodcasts.apple.com%2Fus%2Fpodcast%2Fwake-up-by-veeam%2Fid1848185110%3Futm_source=tldr%26utm_medium=email%26utm_campaign=2025-veeam-brand%26utm_content=wake-up-vodcast/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/ZWwQCsm3wLr_VOtjH4tYMFt6YcmlJwgUFzyt3bkhzgo=431" rel="noopener noreferrer nofollow" target="_blank"><span>Apple</span></a> / <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.youtube.com%2Fplaylist%3Flist=PL0afnnnx_OVBJFAJKhUnZNPJtzbcB_owK/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/N0LyrT9iXhbA4bJJuEyZgaaSeycjKiIExfWII8BrZFc=431" rel="noopener noreferrer nofollow" target="_blank"><span>Youtube</span></a>, or explore additional resources on Veeam's <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.veeam.com%2Fbe-ready%3Futm_source=tldr%26utm_medium=email%26utm_campaign=2025-veeam-brand%26utm_content=wake-up-vodcast/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/dstq4Yc8CKY6q0nUkXRJ_lMxirqreODLOnUp4hzZcbc=431" rel="noopener noreferrer nofollow" target="_blank"><span><em>be: Ready</em> hub</span></a>.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fportal26.ai%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/MBSEDI2N2IrOzeKDENUzYxby62aShl5mYQtSb1JteMA=431">
<span>
<strong>Portal26 (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Portal26 provides organizations with a platform to monitor, analyze, secure, and optimize generative AI use by benchmarking usage, enforcing security policies, preventing data leaks, and scoring based on risk and ROI.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fwazuh%2Fwazuh%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/xg7Bs3nHQMPM2gjyjq1HAoS3Kz5ESEHsNPhOzXHkMeE=431">
<span>
<strong>Wazuh (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Farm%2Fmetis%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/iydEcpoqkyOkh06bCFksBKN4Hy5pt7qQrvCevCC6xBk=431">
<span>
<strong>Metis (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Metis is an AI-driven tool for deep security code review created by Arm's Product Security Team.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2025%2F11%2Fresearchers-question-anthropic-claim-that-ai-assisted-attack-was-90-autonomous%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/_86azLTFaNZND9YympE1iG12n96dCuiIbut_-oBBt-0=431">
<span>
<strong>Researchers question Anthropic claim that AI-assisted attack was 90% autonomous (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Anthropic reported a major AI-driven cyber espionage attempt using Claude AI, claiming it automated 90% of hacking steps for suspected Chinese attackers. However, outside experts challenge this view, saying such full automation is exaggerated, as most attacks were not successful, and the AI often fabricated results.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurity.googleblog.com%2F2025%2F11%2Frust-in-android-move-fast-fix-things.html%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/Y3Gp1iV6untYtLXK7i-LijGtJ8aJMA7WyEoyYH-RGHQ=431">
<span>
<strong>Google Online Security Blog: Rust in Android: move fast and fix things (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google's use of Rust in Android has led to a 1,000x reduction in memory safety vulnerabilities compared to C/C++, while also accelerating software delivery. Rust's adoption means fewer code reviews, reworks, and rollbacks, making it now integral to Android's kernel, firmware, and apps, delivering greater safety and efficiency, even as rare bugs are quickly fixed without undermining overall security benefits.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffive-plead-guilty-to-helping-north-koreans-infiltrate-us-firms%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/CBV38fqhgu0FEiPRYQkTIEHcrLNdNXI7UzqRb2TUKeU=431">
<span>
<strong>Five plead guilty to helping North Koreans infiltrate US firms (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Five individuals pleaded guilty to facilitating North Korean IT worker infiltration schemes that compromised 136 US companies and generated over $2.2 million for the DPRK regime through stolen and false identities. The operation involved identity theft from 18 US persons, salary funneling to North Korea, and data exfiltration. Meanwhile, the DOJ separately moved to seize $15 million in cryptocurrency stolen by APT38/Lazarus from four 2023 exchange heists totaling $382 million. Organizations should strengthen identity verification for remote workers, implement behavioral analytics to detect credential sharing or anomalous access patterns, and monitor for data exfiltration to foreign adversary infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-windows-10-kb5068781-esu-update-may-fail-with-0x800f0922-errors%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/WdORoM7wnBemPkaXx545sn0ZAEHDpzaG8VzaP7DFbJE=431">
<span>
<strong>Microsoft: Windows 10 KB5068781 ESU update may fail with 0x800f0922 errors (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft's first Windows 10 Extended Security Update (KB5068781) is failing to install with error 0x800f0922 on devices using Windows subscription activation through Microsoft 365 Admin Center.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Featon-works.com%2F2025%2F11%2F17%2Fcracker-barrel-hack%2F%3Futm_source=tldrinfosec/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/KAh2RXdf6QInPIRfG2lFhG4K3Ok65wwDql_Epr13XDI=431">
<span>
<strong>A Cracker Barrel vulnerability (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cracker Barrel's updated company rewards were exposed by simply altering the authentication logic in a ReactJS app.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/TVhznKaOlvlKCBFIPgcDWqBjtzAL3ujgxsr0VS88_Vs=431" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/urMOicBr6DREaet02zUNd1LYTRgD3SuvBVbHK-axmiw=431" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/v8b5U_MXlFOHkRUpX4srVAxCYo7FukFLu8t2iS3SQTY=431"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/dxsskfkn_dAYZ3Nha61y9_kDcnS91Yf4qCXnqv0c5iI=431" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them!
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/3xU_Yyt6RbgIjgY74wJx7rXRb75qrIe6iZ0M3GHA-f4=431"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/p_0us4d3isTHaHxkgFy5LWtPnG3cDddplenzhqZQyxQ=431"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/dvc1j7ILYLDrnWbo-tFvaba3HrK-NWDPknjCP8L3vlc=431"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/5VCeSORRsuUFShi8NJRd8n5qDmMFA2Wh-eC4XvmKAQM=431">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=1e8c33b6-c464-11f0-9e02-11b5f264909b%26pt=campaign%26pv=4%26spa=1763481731%26t=1763482210%26s=acef06965fbfaf6c1c586e278672e92d32ded7285422e887c3123126a1879d71/1/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/YK1TFiMNtDGLJeOdMEoKl3busdqVlJm2BBy1TkMmSyE=431">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019a97bb0fdd-3869c657-17ad-4290-879a-5be0ec0ce72d-000000/XP8ldI2SMOf8bvmhtDTodtyT236PMYj25Gtt-xKUxM0=431" style="display: none; width: 1px; height: 1px;">
</body></html>