<!DOCTYPE html><html lang="en"><head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width">
<meta name="x-apple-disable-message-reformatting">
<title>TLDR InfoSec</title>
<meta name="color-scheme" content="light dark">
<meta name="supported-color-schemes" content="light dark">
<style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style>
<!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]-->
</head>
<body class="">
<table align="center" class="document">
<tbody>
<tr>
<td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600">
<tbody>
<tr class="inner-body">
<td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr class="header">
<td bgcolor="" class="container">
<table width="100%">
<tbody>
<tr>
<td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%">
<tbody>
<tr>
<td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td>
</tr>
</tbody>
</table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr id="together-with">
<td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fztw.com%2F/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/QernH4CECD9SmrkOwJ5MJ-_NUqvryoTcVHaUDNcdkp0=434"><img src="https://images.tldr.tech/threatlocker3.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="ThreatLocker"></a></td>
</tr>
</tbody>
</table>
<table style="table-layout: fixed; width:100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-12-05</span></strong></h1>
</div>
</td>
</tr>
</tbody>
</table>
<table style="table-layout: fixed; width:100%;" width="100%">
<tbody>
<tr id="sponsy-copy">
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fztw.com%2F/2/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/VxZuHsDZxim1wlvSV5aF4Z9bkb6FYSDOUqAKNmw7Uys=434">
<span>
<strong>Special offer for TLDR readers: $200 off Zero Trust World 2026 with code ZTWTLDR26 (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
ThreatLocker's annual <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fztw.com%2F/3/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/u-TeMS5ACvvlIjkYY738I08OO8EFueSkV5Oiy0OvLI8=434" rel="noopener noreferrer nofollow" target="_blank"><span>Zero Trust World</span></a> is the most interactive, <strong>hands-on cybersecurity learning</strong> event. Join hacking labs, get Cyber Hero certified, and attend sessions with cybersecurity, IT, and business experts.
<p></p>
<p>TLDR readers get <strong>$200 off all-access registration</strong>. That's <strong>33% less than the list price</strong>. </p>
<p>Registration includes all sessions and labs (including CPE eligible sessions!) </p>
<p>At <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fztw.com%2F/4/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/W7N5aF2B_ZSJhddoqlJb90J21AEYn_P1vEiLTHq7YCg=434" rel="noopener noreferrer nofollow" target="_blank"><span>Zero Trust World</span></a>, all access really means all access, so meals and the afterparty are included with each pass. </p>
<p>Use code <strong>ZTWTLDR26</strong> for <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fztw.com%2F/5/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/Zzt7RkYpvQozRU8UqLQKZ7lWLH5sdaA5n1k9H8P7b_s=434" rel="noopener noreferrer nofollow" target="_blank"><span>$200 off your all-access pass</span></a>
</p>
</span></span></div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr bgcolor="">
<td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td>
</tr>
</tbody>
</table>
<table style="table-layout: fixed; width: 100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F12%2F03%2Ffintech-firm-marquis-alerts-dozens-of-us-banks-and-credit-unions-of-a-data-breach-after-ransomware-attack%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/mZC66M6pjMSFd67QFPwy0hxgl4Ql0OByNpvekFHN2NI=434">
<span>
<strong>Fintech firm Marquis alerts dozens of US banks and credit unions of a data breach after ransomware attack (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Marquis, a Texas-based fintech that provides marketing and compliance services to over 700 US banks and credit unions, suffered a ransomware attack on August 14 that exploited a zero-day vulnerability in SonicWall. Attackers stole sensitive customer data, including names, contact details, financial account numbers, and Social Security numbers, impacting at least 400,000 people so far. The total is expected to grow as more state notifications are filed.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Freact2shell-in-the-wild-exploitation-expected-for-critical-react-vulnerability%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/gWNaULS2eZoHFeWMpPSblnZIqfcVFV_oQPOQH2xXgr0=434">
<span>
<strong>React2Shell: In-the-Wild Exploitation Expected for Critical React Vulnerability (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A critical flaw in React 19, dubbed React2Shell, allows attackers to execute code remotely on applications that use newer server-side features and common frameworks. Many cloud environments are reportedly exposed. Vendors are already shipping detection and protection rules.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Ffreedom-mobile-discloses-data-breach-exposing-customer-data%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/YJe1aJmpgiGMENx4owdXZXLW2kSssssTkDUULIHfXdI=434">
<span>
<strong>Freedom Mobile Discloses Data Breach Exposing Customer Data (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Freedom Mobile, Canada's fourth-largest wireless carrier, disclosed a data breach impacting an undisclosed number of customers. The breached data includes first and last names, home addresses, dates of birth, home and/or cell phone numbers, and Freedom Mobile account numbers. The data was breached via the account of a subcontractor. Ransomware was not involved.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td>
</tr>
</tbody>
</table>
<table style="table-layout: fixed; width: 100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcotool.ai%2Fblog%2Fevaluating-gpt-5-1-claude-opus-4-5-and-gemini-3-pro-ai-agents-in-security-operations%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/9TOcS22YOdalF06Wv5BoJyEYFzikbENPYZAcgJ1XfLo=434">
<span>
<strong>Evaluating AI Agents in Security Operations (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cotool tested an AI agent's ability to solve security operations tasks using the Splunk BOTSv3 dataset and frontier models from Claude, OpenAI, and Gemini. Cotool found that while GPT-5.1 and Opus 4.5 achieved the top accuracy at 63%, Opus was 3x more expensive than GPT-5.1 but also completed tasks in half the wall-clock time of any other model. The Gemini models performed notably poorly and failed to complete several tasks.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.seqrite.com%2Fblog%2Fexploiting-legitimate-remote-access-tools-in-ransomware-campaigns%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/rcerUKAuQbHniDab_akgrFwLdfYTE4UCjNBuo1RfU3g=434">
<span>
<strong>The Exploitation of Legitimate Remote Access Tools in Modern Ransomware Campaigns (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Ransomware operators often use remote access tools such as AnyDesk and UltraViewer to maintain persistence, execute remote tasks, and transfer files while avoiding detection. Their typical attack involves using stolen credentials to compromise an employee, then either hijacking existing tools or installing legitimate remote access software, followed by establishing persistence, escalating privileges, and disabling security tools. Subsequently, they deploy payloads, move laterally within the network, and finally execute their ransomware attack.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fany.run%2Fcybersecurity-blog%2Flazarus-group-it-workers-investigation%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/gj7LGti5PYf_WZMAqUa_b-KlSjrVAHO7kkt1o9mvEsE=434">
<span>
<strong>Smile, You're on Camera: A Live Stream from Inside Lazarus Group's IT Workers Scheme (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers trapped North Korean operatives from Lazarus Group's Famous Chollima division inside extended ANY.RUN sandbox environments, documenting their full operational workflow for infiltrating Western companies as remote IT workers. The operators recruit developers via GitHub spam. They offer 20-35% salary cuts in exchange for using victims' identities and laptops for job applications, relying on AI interview tools, AstrillVPN, and remote access software rather than malware. Poor operational security allowed researchers to delay, monitor, and ultimately expose the scheme targeting the finance, crypto, and healthcare sectors.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td>
</tr>
</tbody>
</table>
<table style="table-layout: fixed; width: 100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F7ai.com%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/zoxiStPgxZQpvvDQe8WmyLepaE89-BUnHfPJwaMENac=434">
<span>
<strong>7AI (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
7AI builds an “agentic security” platform where autonomous AI agents investigate alerts, correlate data, and take or recommend actions to reduce alert fatigue.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Ftheopenlane%2Fcore%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/j4hgvwY1uUelrGR1hAoo34lDpTUHkKmFcIfMpSBSQeg=434">
<span>
<strong>TheOpenLane Core (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Open source compliance automation for SOC 2, GDPR, ISO27001, NIST 800-53, and more.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FVyntral%2Fgod-eye%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/ucrXAHBWNRlbPvGGC2LDLlgQcXtZT8_BgMpDXjfuKos=434">
<span>
<strong>God's Eye (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
God's Eye is an ultra-fast subdomain enumeration and reconnaissance tool with local LLM analysis via Ollama.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td>
</tr>
</tbody>
</table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F12%2Fgoldfactory-hits-southeast-asia-with.html%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/sDGnaMeyNGWm5NfPHJIbGzScit5C8PbtaoKpyObHwss=434">
<span>
<strong>GoldFactory Hits Southeast Asia with Modified Banking Apps Driving 11,000+ Infections (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GoldFactory is a cybercrime group targeting Android users in Indonesia, Thailand, and Vietnam with tampered banking apps that still appear legitimate while secretly installing remote-access malware. The malware abuses accessibility services and hooking frameworks to bypass security checks, hide its presence, control devices in real time, and steal banking data at scale. At least 11,000 infections have been identified so far.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fapnews.com%2Farticle%2Farizona-temu-lawsuit-14615cec4bb7927493a7208f9d23431b%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/duNZmAvtQ3RmIjugf2pubtLhfB9HEgnF1aBSs08h-6M=434">
<span>
<strong>Arizona Attorney General Sues Chinese Online Retailer Temu Over Data Theft Claims (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Arizona Attorney General Kris Mayes has joined several other states in suing Temu and its parent company over allegations that the online retailer is stealing customers' data. Mayes stated that the app collects a startling amount of data without users' consent, specifically citing GPS location and a list of other apps on users' phones. Mayes also expressed concerns over the quality of products sold on Temu and whether the retailer has “ripped off” other businesses.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdecrypt.co%2F350575%2Fai-models-human-level-capability-smart-contract-exploits%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/6AZX1M7KmPbPueAByQ9x0Y7vr0aPayQLMo0pw1Yb2Nc=434">
<span>
<strong>Frontier AI Models Demonstrate Human-Level Capability in Smart Contract Exploits (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic evaluated ten frontier models on a dataset of 405 historical smart contract exploits and found that the agents produced working attacks against 207 of them, totaling $550M in simulated stolen funds. Anthropic measured the models' current capabilities by plotting each model's total exploit revenue against its release date. The models also discovered two previously undisclosed zero-days.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td>
</tr>
</tbody>
</table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%">
<tbody>
<tr>
<td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.blumira.com%2Fsoc-af%3F%26mrls=Paid_Ads%26mrsp1=tldr%26mrsp2=newsletter%26utm_source=Paid_Ads%26utm_mediuum=tldr%26utm_campaign=newsletter/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/ko8EOFqXVjzkJRy2RNoUGvkUxuLFruTJfvAxGl9VgH8=434">
<span>
<strong>Blumira: AI-guided SecOps Platform that makes humans more effective (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Blumira's SOC Auto-Focus translates complex findings into plain language, giving teams instant clarity, clear priorities, and guided next steps, without replacing human judgment. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.blumira.com%2Fsoc-af%3F%26mrls=Paid_Ads%26mrsp1=tldr%26mrsp2=newsletter%26utm_source=Paid_Ads%26utm_mediuum=tldr%26utm_campaign=newsletter/2/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/TnpOrRnG9bkmsFCUXBA88XqPZNnn0FGuIKxoMS_DBmI=434" rel="noopener noreferrer nofollow" target="_blank"><span>Learn more about Blumira & SOC AF</span></a>
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.malwarebytes.com%2Fblog%2Fpodcast%2F2025%2F12%2Fair-fryer-app-caught-asking-for-voice-data-re-air-lock-and-code-s06e24%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/bp-UFdxbM7zbtIy6cSI7y1itLLX7d6ZqaQR7IBWAr_w=434">
<span>
<strong>Air fryer app caught asking for voice data (re-air) (Lock and Code S06E24) (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Malwarebytes' Lock and Code podcast revisits UK research revealing that air fryer companion apps requested precise location and audio recording permissions without explanation.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fproxyearth-trace-users-india-mobile-number%2F%3Futm_source=tldrinfosec/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/-yZ9fffnFn31-w5B-dxSaGhsJuSpqxmSeKUFm0mm3eo=434">
<span>
<strong>Proxyearth Tool Lets Anyone Trace Users in India with Just a Mobile Number (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A website called Proxyearth, launched in October, enables anyone to retrieve Indian citizens' full names, Aadhaar numbers, residential addresses, and live locations using only a mobile number.
</span>
</span>
</div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%">
<tbody>
<tr>
<td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/yRGb_istytq8YtrhHw61itbg0qHE4pOmMnh10a9FXog=434"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/aTmJZaipnFfE4TjH4cJFdh7TYtHqsG0yN0Vlc4EuuIo=434"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019aeed74a1b-3cd41f97-1518-48aa-98d1-fc7f00f10f0e-000000/58aYTglDjL7LnJyf6OWIj1g8D0B1qUG0hFlGx00lc9M=434"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
</tbody>
</table>
</body></html>