<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2Fwp-content%2Fuploads%2Fsites%2F3%2F2025%2F07%2FIdentity-APM-Maturity-Model_1034-0.pdf%3Futm_campaign=ContentSyndication_Paid_2025_11_24_TL%253BDR%26utm_medium=Paid%26utm_source=ContentSyndication%26Latest_Campaign=701Uw00000b9aF4/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/t-oQcX_rV8TRbP8UQqxIrjhj6pJhXxnt-BOVbMCTOyc=433"><img src="https://images.tldr.tech/specterops.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="SpecterOps"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-11-27</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2Fwp-content%2Fuploads%2Fsites%2F3%2F2025%2F07%2FIdentity-APM-Maturity-Model_1034-0.pdf%3Futm_campaign=ContentSyndication_Paid_2025_11_24_TL%253BDR%26utm_medium=Paid%26utm_source=ContentSyndication%26Latest_Campaign=701Uw00000b9aF4/2/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/1l9OLvDtBP7-zBPvm35C9bkvkcTifhRYLpsBAxS1oRo=433">
<span>
<strong>Attack Paths Don't Take Thanksgiving Off (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Misconfigurations and excessive privileges quietly chain together into routes attackers can use to reach your critical assets, and they aren't taking a Thanksgiving break. <strong>Attack Path Management (APM)</strong> shows identity risk the way adversaries see it, mapping relationships across identities, systems, and permissions so you can prioritize what truly matters.<p></p><p><strong>Want to understand your identity security posture?</strong><br>Take our <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2Fapm-maturity-model-assessment-tool%2F%3Futm_campaign=ContentSyndication_Paid_2025_11_24_TL%253BDR%26utm_medium=Paid%26utm_source=ContentSyndication%26Latest_Campaign=701Uw00000b9aF4/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/R5_cqTF09k7C5ZAwEQzM9RLMrSMhuvFCQi3yvL3C484=433" rel="noopener noreferrer nofollow" target="_blank"><span>quick assessment</span></a> to see where your program falls on the maturity spectrum and access our <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2Fwp-content%2Fuploads%2Fsites%2F3%2F2025%2F07%2FIdentity-APM-Maturity-Model_1034-0.pdf%3Futm_campaign=ContentSyndication_Paid_2025_11_24_TL%253BDR%26utm_medium=Paid%26utm_source=ContentSyndication%26Latest_Campaign=701Uw00000b9aF4/3/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/bwzRriEHCoB6xISroqPrMJYvoQeJE6RPaUqLAiIbrbI=433" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Maturity Model Report</strong></span></a> for clear guidance to reduce attack paths.</p>
<p>Serve yourself a helping of insights in our <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2Fresources%2Fstate-of-apm%3Futm_campaign=ContentSyndication_Paid_2025_11_24_TL%253BDR%26utm_medium=Paid%26utm_source=ContentSyndication%26Latest_Campaign=701Uw00000b9aF4/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/MWxIUwdQccmdLPg0V__BA_PnacCPEiXHmN2PL8xN3HQ=433" rel="noopener noreferrer nofollow" target="_blank"><span><strong>State of APM Report</strong></span></a>.
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fransomware-attack-disrupts-local-emergency-alert-system-across-us%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/KUgYtEZRJ67VrxqDhaFBBjKIYUkf72ia0tKg9lWwBc0=433">
<span>
<strong>Ransomware Attack Disrupts Local Emergency Alert System Across US (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A ransomware attack hit the OnSolve CodeRED emergency alert system, affecting local agencies nationwide in the US and leading to a data breach. Hackers accessed user data and encrypted systems, causing some areas to lose emergency notification capabilities. Crisis24, a platform provider, is transitioning agencies to a new system and has advised users to change reused passwords.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.techradar.com%2Fpro%2Fsecurity%2Fharvard-university-reveals-data-breach-hitting-alumni-and-donors%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/MY7JABiiId1VWQyIkfuRGpNCSxsEr1d5hNYcVeqeh9M=433">
<span>
<strong>Harvard University reveals data breach hitting alumni and donors (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Harvard University suffered a data breach after a voice phishing attack compromised its Alumni Affairs and Development systems. Personal data like addresses, emails, and phone numbers of alumni, donors, and students were exposed, though financial details and passwords were not affected. Harvard is working with law enforcement. It has warned affected individuals to watch out for phishing attempts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F11%2Fchrome-extension-caught-injecting.html%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/eNXmyWSEiI5g0_v8bN4m9F8H1uY2ZEia5eM7WyiO9UM=433">
<span>
<strong>Chrome Extension Caught Injecting Hidden Solana Transfer Fees Into Raydium Swaps (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A malicious Chrome extension called "Crypto Copilot" (still available, with 12 installs) silently injects hidden SystemProgram.transfer instructions into Raydium DEX swaps, siphoning 0.0013 SOL minimum or 0.05% of trades over 2.6 SOL to a hardcoded attacker wallet before users sign transactions. The extension uses obfuscation via minification and variable renaming, communicates with a fake backend at crypto-coplilot-dashboard.vercel[.]app, and leverages legitimate services like DexScreener and Helius RPC to appear trustworthy while bypassing Chrome Web Store review. Crypto users should audit all transaction instructions before signing and avoid installing browser extensions that request wallet access. Security teams should monitor for wallet-draining extensions targeting DeFi platforms.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.gitguardian.com%2Fa-complete-guide-to-transport-layer-security-tls-authentication%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/o6oDKfyhMmyz8BCfMkyVXzVpv6X3SPnCy067FYb2zVY=433">
<span>
<strong>A Complete Guide to Transport Layer Security (TLS) Authentication (19 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This comprehensive guide covers TLS authentication fundamentals, including the handshake process, certificate validation chain, and the distinction between server-only authentication and mutual TLS (mTLS) for high-security environments. Key recommendations include enforcing TLS 1.3 (or 1.2 minimum), using forward secrecy cipher suites with ECDHE, storing private keys in HSMs/KMS, and automating certificate lifecycle management via the ACME protocol. For modern architectures, the article emphasizes layering TLS with OAuth 2.0/OIDC for combined machine and user authentication and leveraging service meshes such as Istio for automated mTLS across microservices.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Foub4K7/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/pMVJ5Tpm9ziHUQovvj2s5DBcNGn0-b_7OB4tDfCpflc=433">
<span>
<strong>Desktop Application Security Standard: Introducing DASVS (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Desktop Application Security Verification Standard (DASVS) is a comprehensive framework for addressing the unique security challenges of desktop applications across Windows, macOS, and Linux. Unlike web or mobile apps, desktop applications operate with significant system access, which demands specialized security controls. DASVS aims to provide clear, actionable verification rules and is being extended with guides and automated assessment tools to help organizations strengthen desktop application protection.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="http://tracking.tldrnewsletter.com/CL0/http:%2F%2Fsecurity.googleblog.com%2F2025%2F11%2Fandroid-quick-share-support-for-airdrop-security.html%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/lMQib9ySfMtps5VDE-c_lWm-X8eJmGEfiAok6_a2br8=433">
<span>
<strong>Android Quick Share Support for AirDrop: A Secure Approach to Cross-Platform File Sharing (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google enabled Quick Share interoperability with AirDrop starting with Pixel 10, using Rust for the core communication layer to eliminate memory-safety vulnerabilities in wireless protocol data parsing, a historically common attack surface. The implementation uses direct peer-to-peer connections without server routing. It underwent internal threat modeling plus independent penetration testing by NetSPI, and was validated as "notably stronger" than other industry implementations with no information leakage. For cross-platform development, Rust's compile-time memory safety guarantees make it ideal for parsing untrusted data from external sources, and Google's approach demonstrates how memory-safe languages can secure interoperability layers between disparate platforms without sacrificing performance.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fwinsecurity%2FMaleficentVM%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/FmtUh2AjAJWi1RTuu0j5hUBKGy1Cl9mPD4UxbJpuc_8=433">
<span>
<strong>MaleficentVM (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A practice VM designed for learning malware development through CTF-style challenges. Exercises include OS enumeration, shellcode injection into target processes, and IAT hooking techniques.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vijil.ai%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/dEWHyz8vIWkgxf9lDh3hHIGX6jVBiD3RXVFbnjzv78U=433">
<span>
<strong>Vijil (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Vijil helps organizations develop secure, reliable AI agents by providing a platform for testing, hardening, and monitoring agents against risks such as prompt injection. It offers modular agent templates, compliance, and runtime protection for confidential deployments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Frix4uni%2Fxssrecon%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/PVyBwOIsH_9oe8TBbZqzlSvempfUvOA6MHeux6hUggE=433">
<span>
<strong>XSSRecon (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
XSSRecon is a powerful tool designed to help security researchers and penetration testers identify reflected XSS vulnerabilities in web applications. It automates testing URL parameters for the reflection of a test payload and further checks how special characters are handled.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffbi-cybercriminals-stole-262-million-by-impersonating-bank-support-teams-since-january%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/tRCM1pq01V49r4BYPcZnMQsmQVQj0HcRYzFOKV1HDP0=433">
<span>
<strong>FBI: Cybercriminals stole $262M by impersonating bank support teams (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The FBI reported over 5,100 account takeover complaints since January, with attackers impersonating bank staff via calls, texts, and emails to harvest credentials and MFA/OTP codes, then wiring funds to cryptocurrency wallets. Attackers employed SEO poisoning to push phishing sites mimicking financial institutions to the top of search results. Some used dual-impersonation tactics to claim fraudulent transactions and direct victims to fake law enforcement. Defenders should train users to access banking sites via bookmarks rather than search results, and organizations should monitor for brand impersonation in search ads.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F11%2F25%2Fwormgpt_4_evil_ai_lifetime_cost_220_dollars%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/Z9Tod2P9_fDPXyJ4CXWPHQ0lUhx2Acvn9uhWcpRoga4=433">
<span>
<strong>Lifetime access to AI-for-evil WormGPT 4 costs just $220 (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Malicious AI tools like WormGPT 4 and the free KawaiiGPT are making it easier for cybercriminals to generate malware and phishing messages and to automate parts of attacks. While the code requires some human adjustment to evade detection, these "Dark LLMs" significantly lower the barriers to entry for cyberattacks and social engineering.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F185047%2Fmalware%2Fcisa-spyware-and-rats-used-to-target-whatsapp-and-signal-users.html%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/IFT5aFzyiEpjhN6I2NsPdTci6AeEDHv17NOb_8-e4qI=433">
<span>
<strong>CISA: Spyware and RATs used to target WhatsApp and Signal Users (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Threat actors are using commercial spyware and remote access trojans to target WhatsApp and Signal users. Attacks involve phishing, malicious QR codes, and impersonated apps. They are focusing on high-value individuals worldwide.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ftor-switches-to-new-counter-galois-onion-relay-encryption-algorithm%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/G9XN416gZi-C7KTqur4LtmJcr6kxUqsiLSgJXqFhPSQ=433">
<span>
<strong>Tor switches to new Counter Galois Onion relay encryption algorithm (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Tor has replaced its old encryption algorithm with a new, stronger one called Counter Galois Onion (CGO) to improve user security and privacy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F11%2F26%2Fmultiple-london-councils-report-disruption-amid-ongoing-cyberattack%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/qpCmcknmWBEBzgjBDU9yzJ10lPmwoSJmTpdyfHPLmIc=433">
<span>
<strong>Multiple London councils report disruption amid ongoing cyberattack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A cyberattack has forced three London councils, Kensington and Chelsea, Westminster, and Hammersmith & Fulham, to shut down networks and activate emergency plans.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fpopular-forge-library-gets-fix-for-signature-verification-bypass-flaw%2F%3Futm_source=tldrinfosec/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/0FqemBptRQ7qjKWDakrDh9hWNhZWsYuKg92NOijxmfY=433">
<span>
<strong>Popular Forge library gets fix for signature verification bypass flaw (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CVE-2025-12816 is a high-severity ASN.1 validation flaw in node-forge versions 1.3.1 and earlier (26M weekly NPM downloads) that allows attackers to craft malformed data that bypasses signature verification.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/0UJHMevCkFIIDkGIE23hdtiZLtg2uSkaQkWmgmLhc84=433"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/UmOQLvcfqPrMePhiJHFoNaEQyeVWOaLAxJ3nn9JoUWA=433"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019ac5a497b0-455da812-dde8-4784-886f-ab606e63996b-000000/Ihz7IvYsh3LZ_NGzyQHd_tcy0CRZa9TnU_ENU7M4qEY=433"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>