<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Austrian researchers discovered that all 3.5B WhatsApp users can be enumerated. Meta implemented rate limiting to address this issue β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/C3S9fBlF2h6tx4umAld2XBukYP9w0wUuKExXYsrPK3Q=432" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/G91WZW4aIdi3u2w-KVKudgg4E9CMx0Kyj4XXIjUA3CU=432" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=68a367ae-c602-11f0-9f25-8bee96d0d811%26pt=campaign%26t=1763648701%26s=df73c8cacad5f7c7bdb4a31342b439361388c064f225e120a63e28d44f74070c/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/uxGWo4sIVbhUkIuPmTcPUUH7xvJMM3r33kquFAGzgMI=432"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=ondemand-november-20-primary-infosec-newsletter/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/FZ5FD5QpdrbQEewr7rQ9w4S2gLStzHZYdx1TxkurYYw=432"><img src="https://images.tldr.tech/1password-2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="1Password"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-20</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=ondemand-november-20-primary-infosec-newsletter/2/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/GR761Gfa12CvloZkkJH0e3G8Om5vgLeR0D-VcB9RiG0=432">
<span>
<strong>On-demand 1Password webinar: Behind the scenes of Reddit's cybersecurity (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
You come to Reddit for expert recommendations. Now hear from the security experts working at Reddit, and learn how they're securing access for their team.<p></p><p>In this webinar, Reddit's Sr. Manager of Enterprise Security & Systems, Nick Fohs, shares the inside story of how his team used 1Password to manage credentials across the entire company. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=ondemand-november-20-primary-infosec-newsletter/3/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/YQq0f4GS6rx9foREpHTQ9D3L0SRnGFqNQRkE04qXdvI=432" rel="noopener noreferrer nofollow" target="_blank"><span>You'll get a first-hand look at the problems they faced and the impact 1Password has had on security and efficiency.</span></a></p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-11%26utm_content=text%26utm_term=ondemand-november-20-primary-infosec-newsletter/4/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/t4N__q-DXMFR0eM5ZDR4FQoACYXkxn21YkR2P6nR1JE=432" rel="noopener noreferrer nofollow" target="_blank"><span>Watch now</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Frondodox-botnet-malware-now-hacks-servers-using-xwiki-flaw%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/2cnjQ8bItzk13zOPlXA82MYr8hOfytY0mzSFFUCeypk=432">
<span>
<strong>RondoDox Botnet Malware Now Hacks Servers Using XWiki Flaw (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The RondoDox botnet is exploiting a flaw in the XWiki SolrSearch endpoint, using crafted HTTP GET requests to inject base64-encoded Groovy payloads that download and execute malware. The campaign appears to reuse previously identified infrastructure, meaning existing IOC blocklists should effectively mitigate the threat.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.techtimes.com%2Farticles%2F312824%2F20251119%2Fwhatsapp-security-flaw-exposes-35-billion-users-data-basic-publicly-available-information.htm%23cid=3254578%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/7n5pH9HvmIZCwpJVRLBd5UcKFGbXqaIYm-HnM1FZb6s=432">
<span>
<strong>WhatsApp Security Flaw Exposes 3.5B Users' Data From βBasic Publicly Available Information' (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Austrian researchers discovered that all 3.5B WhatsApp users can be enumerated at a rate of 100M users per hour. The researchers used the WhatsApp Web interface to bulk add users and phone numbers and were able to extract phone numbers for all users, profile photos for 57% of users, and profile text for 27%. Meta implemented rate limiting to address this issue, but also stated that the data exposed was basic publicly available information.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fw3-total-cache-wordpress-plugin-vulnerable-to-php-command-injection%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/A_-olYPUM4YV-cRMST9ZHaW7yIVP2nPD4wGyGerraVw=432">
<span>
<strong>W3 Total Cache WordPress Plugin Vulnerable to PHP Command Injection (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
WordPress security company WPScan discovered a vulnerability in the W3 Total Cache plugin that enables unauthenticated attackers to execute code by posting a comment with a malicious payload. A patch is available. WPScan is withholding proof-of-concept details until November 24 to give site owners time to update.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdeepstrike.io%2Fblog%2Fnextjs-security-testing-bug-bounty-guide%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/sBCr1ymmkcIhRZvqA7c-SdVMkidXI5U-zf_DNUYAgXc=432">
<span>
<strong>Next.js Security Testing Guide for Bug Hunters and Pentesters (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Deepstrike released a detailed security guide covering common pitfalls in Next.js applications, noting that while the framework includes strong default protections against template injection and XSS, developers can introduce risk through unsafe patterns like dangerouslySetInnerHtml or third-party templating engines. The guide highlights additional attack surfaces, including SSRF via the image optimization pipeline or misconfigured server actions.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.oligo.security%2Fblog%2Fshadowray-2-0-attackers-turn-ai-against-itself-in-global-campaign-that-hijacks-ai-into-self-propagating-botnet%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/tCAU3TDzOKg0sT8rtGe0deUKpIkzTXEpwf4d_NEzpqw=432">
<span>
<strong>ShadowRay 2.0: Active Global Campaign Hijacks Ray AI Infrastructure Into Self-Propagating Botnet (25 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
ShadowRay 2.0 is a malware campaign targeting Ray, a popular open-source AI framework, to hijack powerful computing clusters and convert them into a global, self-propagating botnet. Attackers exploited legitimate orchestration features within Ray, enabling them to orchestrate compute jobs, steal data, launch DDoS attacks, and autonomously spread across organizations. Attackers quickly weaponized unpatched flaws and misconfigurations in Ray clusters that were mistakenly exposed to the internet.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.hacktron.ai%2Fblog%2Fsupapwn%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/6UpTmVcKojUDln14qxlJKWUFygtwYO3ud1_8iFeSzrI=432">
<span>
<strong>SupaPwn: Hacking Our Way into Lovable's Office and Helping Secure Supabase (23 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
SupaPwn is a multi-stage exploit chain affecting outdated Supabase environments, where weaknesses in privilege controls, host configurations, and cloud credential handling allowed attackers to escalate far beyond expected tenant-level permissions, even reaching infrastructure belonging to other customers. AI tooling accelerated reconnaissance and exploit development, helping researchers validate the chain quickly. Supabase and Lovable patched all affected systems within a day, limiting impact to a small set of outdated deployments.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.endorlabs.com%2Flp%2Fstate-of-dependency-management-2025%3Futm_source=tldr-newsletter%26utm_medium=newsletter%26utm_campaign=dep-mgmt-rep-2025/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/8VulEFrn_KIsn6GFrgIWkk7nii8AvuD1_0GxpZJUj9o=432">
<span>
<strong>49% of dependencies imported by AI agents have known vulnerabilities, and 34% don't actually exist (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The latest <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.endorlabs.com%2Flp%2Fstate-of-dependency-management-2025%3Futm_source=tldr-newsletter%26utm_medium=newsletter%26utm_campaign=dep-mgmt-rep-2025/2/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/7bCFe9QxgyoA0sLsMmJRKtx5Y2e4_6p1d5bCnglWcDk=432" rel="noopener noreferrer nofollow" target="_blank"><span>research from Endor Labs</span></a> analyzed 10,663 GitHub repositories implementing MCP servers, along with large-scale testing of AI-generated dependency recommendations across major ecosystems. Download the report to see how AI coding agents are introducing a new layer of software supply chain risk. Get the <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.endorlabs.com%2Flp%2Fstate-of-dependency-management-2025%3Futm_source=tldr-newsletter%26utm_medium=newsletter%26utm_campaign=dep-mgmt-rep-2025/3/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/KhUkv-R0JagXXO211IymWZ3eIXVLrtdpeYFNrP1xYc8=432" rel="noopener noreferrer nofollow" target="_blank"><span><em>2025 State of Dependency Management report</em></span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fdobin%2FDetonatorAgent%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/f15GIBM7aYSr3Knu-UPyr3EXhMJwIJh4IDKgYnOamD8=432">
<span>
<strong>DetonatorAgent (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
DetonatorAgent is a cross-platform Web API for detonating malware on VMs and collecting EDR logs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Faydinnyunus%2Fai-captcha-bypass%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/nWVQK8z5Zba2nde_4BbK3ODYbz850rfECOpaUdEtWjc=432">
<span>
<strong>AI-Powered CAPTCHA Solver (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AI-Powered CAPTCHA Solver is a Python CLI tool that uses LLMs to automatically solve various types of CAPTCHAs using an embedded Selenium browser.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmate.security%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/paZ6nf6k62fbhDGl3mSlweBh8hdGbcSy25rO8M7Rdww=432">
<span>
<strong>Mate (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Mate uses AI agents and reasoning models to automate security incident investigation and response in SOCs, reducing false positives and MTTR and enabling the SOC to learn and improve continuously.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.cloudflare.com%2F18-november-2025-outage%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/V7eHMlh3tUu84_WDn0nubd45oY45-IftcwOy2SchOYw=432">
<span>
<strong>Cloudflare Outage on November 18, 2025 (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cloudflare has released its postmortem on the November 18 outage. The incident was traced to a database permissions change that caused oversized Bot Management feature files to be generated. Those files triggered repeated module crashes and widespread 5xx errors. The team initially suspected a DDoS attack, which delayed diagnosis and remediation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fservicenow-ai-agents-can-be-tricked.html%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/UGt6fdEgiIZdTFM1i80wTQcYC8FvJPaHBDoSdta4D-Y=432">
<span>
<strong>ServiceNow AI Agents Can Be Tricked Into Acting Against Each Other via Second-Order Prompts (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
ServiceNow's Now Assist AI agents can be manipulated through second-order prompt injection, where instructions passed between agents trigger unintended actions. Attackers can use this to escalate privileges, steal data, or redirect workflows. ServiceNow claims the behavior matches expected agent chaining, but organizations are urged to monitor agent interactions and harden guardrails.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F11%2F19%2Fthousands_more_asus_routers_pwned%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/KYBD5LZn66DC2VlYJxQRU3kRWmphCQPWrKhoIfHrNy4=432">
<span>
<strong>Tens of Thousands More ASUS Routers Pwned by Suspected, Evolving China Operation (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A major cyber campaign dubbed "Operation WrtHug" has compromised around 50,000 outdated ASUS routers across Taiwan and Southeast Asia by chaining six known vulnerabilities. The activity resembles prior Chinese-linked campaigns. Researchers suspect the operation could support espionage, distinguishing it from traditional botnets by its stealthy data theft behavior.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fadaptive-security-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20250917/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/96qnnnSG7g7dcaGtj5PFSgatT9__PdiTwl7e7QNH-sM=432">
<span>
<strong>Chat with a deepfake of your boss (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Adaptive Securityβbacked by OpenAI and a16zβstops AI powered social engineering through deepfake simulations, training, and risk scoring. Want to chat with a custom interactive deepfake of your boss? <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.adaptivesecurity.com%2Fdemo%2Fadaptive-security-awareness-training%3Futm_medium=newsletter%26utm_source=tldr-infosec%26utm_campaign=20250917/2/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/BW4Q8d0o1VRn0HS2kTNdZYDTHRDCi8rssk9yAcVoIWU=432" rel="noopener noreferrer nofollow" target="_blank"><span>Book a demo</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsoftware%2Fthunderbird-adds-native-support-for-microsoft-exchange-accounts%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/DBZhnvuPZV4QwgV3C-1Wlax2oCSQuZjP_STsNWzITFQ=432">
<span>
<strong>Thunderbird Adds Native Support for Microsoft Exchange Accounts (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Thunderbird 145 now includes native Exchange Web Services (EWS) support, allowing users to add Microsoft Exchange accounts without relying on third-party extensions.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-to-integrate-sysmon-directly-into-windows-11-server-2025%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/dVrJ2gZv3-B7sX1xMS05fD0eBNrSC3cJYyJrb764v5Y=432">
<span>
<strong>Microsoft to Integrate Sysmon Directly Into Windows 11, Server 2025 (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft announced that it will integrate the popular Sysmon tool directly into Windows 11 and Server 2025 next year.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fbulletproof-hosting-providers-sanctions-mitigation-media-land%2F%3Futm_source=tldrinfosec/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/WFJs4B1jLT9tm1JW6Dz9_KOfZRowuj2qAL2Ot1pCXO0=432">
<span>
<strong>Five Eyes Just Made Life Harder For Bulletproof Hosting Providers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The US, UK, and Australia jointly sanctioned Media Land, a Russia-based bulletproof hosting provider accused of supporting major ransomware groups, including LockBit, BlackSuit, and Play.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/OsuJa6UmzO-4r-sekXOUBY72oCdF_HSVDO2adD29_vc=432" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/SCjYPRDFRHEU-RrZ7t8UXAqQNKs2-g7UdoCX-AgRIHQ=432" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/PtDYqxyFSvqRbN16qR4KAmhuiRnP_JZ_eo2IOpPEN1Y=432"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/CocGE-kQRZuwF6PzV6ebNz3DA_nKiSUaZ5zoPkbqE40=432" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them!
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/kYFrnUX8Y60YBNa31Sm3tY0wfwVs7K7keGlVEMV_HVs=432"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/iEf8zOoYmDEuEpQhAWv5HozsnPkciTQrpjaGACxo5zE=432"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/StvVQnsJ1MMOyB08SLjfquH5m_yFF9zX6cORW3v2otk=432"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/WDcOun1yCzWFbh-2oDkzWxB5lkif_8n4ifNTs6NsnZU=432">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=68a367ae-c602-11f0-9f25-8bee96d0d811%26pt=campaign%26pv=4%26spa=1763647308%26t=1763648701%26s=95c067b4abbb0b91411d0871efd0d6f5313f1b96f98808c6641d6ffdffdb8a58/1/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/wW41Xc9nyf4ZEbZtiN7UwRNMd9V1ibJC1aFFvxT1tgo=432">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019aa1a7838d-1732a0bd-5613-4702-97c7-68929d3785b3-000000/EpEKpzN3tNkmP2cEGcablR3VMwDnJlKJl8GRRAx5c3o=432" style="display: none; width: 1px; height: 1px;">
</body></html>