<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-12%26utm_content=text%26utm_term=ondemand-december-8-primary-infosec-newsletter/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/pCjDHD2cZatAyTKd35Yu4fVyCzK9Y6NiJBx_r9AuOHc=434"><img src="https://images.tldr.tech/1password-2.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="1Password"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-12-08</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-12%26utm_content=text%26utm_term=ondemand-december-8-primary-infosec-newsletter/2/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/cjJySkHQE9k3oeHPD_9-dIKQESJ3_gqx7yaBT3cdLMM=434">
<span>
<strong>1Password webinar: Behind the scenes of Reddit's cybersecurity (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
In this on-demand webinar, Nick Fohs, Sr. Manager of Enterprise Security & Systems at Reddit, provides an inside look at how Reddit was able to strengthen security without slowing employees down. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-12%26utm_content=text%26utm_term=ondemand-december-8-primary-infosec-newsletter/3/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/_ckzvFmADAbyrvLJqyOwqpTy4JCdWfHqtAOALujqPdI=434" rel="noopener noreferrer nofollow" target="_blank"><span>The key? Centralizing credential management with 1Password. </span></a>
<p></p>
<p>You'll learn:</p>
<ul>
<li>Why credential sprawl and shadow IT put Reddit at risk</li>
<li>How they rolled out 1Password and drove adoption across the enterprise</li>
<li>The measurable improvements they saw in efficiency, compliance, and security</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2F1password.com%2Fwebinars%2Fhow-reddit-scales-secure-access%3Futm_source=tldr%26utm_medium=paid_newsletter%26utm_campaign=sa_commercial_amer_english_reddit-scales-secure-access_consideration_2025-12%26utm_content=text%26utm_term=ondemand-december-8-primary-infosec-newsletter/4/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/1sllLp0JtT9G_D-akWyJxk8_i2QuGJ7aAW_zqr4-eTE=434" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Watch now</strong></span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.tomshardware.com%2Ftech-industry%2Fcyber-security%2Fresearchers-uncover-critical-ai-ide-flaws-exposing-developers-to-data-theft-and-rce%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/PFFDn5qqZ6BPfhPptJ1MLCLw2yMgpO7r9jBj_pzCPrs=434">
<span>
<strong>Critical flaws found in AI development tools dubbed an 'IDEsaster' — data theft and remote code execution possible (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A six-month investigation uncovered over 30 vulnerabilities across every major AI-integrated IDE tested, including GitHub Copilot, Cursor, Claude Code, and JetBrains products, resulting in at least 24 assigned CVEs. The attack chain exploits prompt injection via rule files, READMEs, or malicious MCP servers to hijack AI agents, which then abuse legitimate IDE features like JSON schema fetching or executable path configuration to exfiltrate data or achieve RCE. Organizations using AI coding assistants should audit workspace configurations, restrict AI agent permissions, and monitor for suspicious outbound requests from development environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.expressvpn.com%2Fblog%2Fmagicedit-data-exposed%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/TK0184Hc_q3uOBYEwA71GMeea-TXPmBvFGnlrsM6Pzg=434">
<span>
<strong>Popular AI Image Generator Exposed Over 1M Images Including DeepFakes and Nudity Face Swaps (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security researcher Jeremiah Fowler uncovered an unsecured, publicly accessible database containing images and videos that appeared to belong to a company named SocialBook. The database included pornographic face swaps, deepfakes, and unaltered reference photos. It is unclear how long the images were accessible or whether the exposure was caused directly by SocialBook or through a third party.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F12%2F05%2Fpetco-confirms-security-lapse-exposed-customers-personal-data%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/HYh7n4hlaOh2cX9d0OQideaNtmjti3yLbe-BPk6z6_o=434">
<span>
<strong>Petco confirms security lapse exposed customers' personal data (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Petco reports that a misconfigured software application briefly left certain customer files accessible online, exposing unspecified personal data before the issue was fixed. Details on the number of victims and exact data types remain undisclosed, though legal thresholds suggest that at least hundreds of customers were impacted.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4101173%2Fhardening-browser-security-with-zero-trust-controls.html%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/qeXrM_EJBj6_rO_ZScb71swe5p5108J0pZPNaEeRaZs=434">
<span>
<strong>Hardening browser security with zero-trust controls (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This framework outlines six principles for browser-centric zero trust architecture: identity-first access control using federated IdPs, least-privileged access with time-bounded entitlements, continuous verification with adaptive policies, phishing-resistant FIDO2/WebAuthn authentication, device health gating via MDM/EDR integration, and remote browser isolation for high-risk sessions. Implementation follows CISA's Zero Trust Maturity Model through three stages: starting with SSO and passkey MFA, advancing to device compliance enforcement with SCIM automation, and achieving optimal state with per-request access decisions and automated RBI for privileged operations. Security teams should prioritize deploying passkeys to administrators first, integrate IdP conditional access with SIEM/SOAR to automate session revocation, and codify all ZTNA policies as infrastructure-as-code for governance.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fmodel-context-protocol-attack-vectors%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/WuBUgrIL4-Iql9YTfoB5y55Cz8_S2qP0LLEYMPpAh4Y=434">
<span>
<strong>New Prompt Injection Attack Vectors Through MCP Sampling (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Unit 42 researchers demonstrated three attack vectors exploiting the Model Context Protocol (MCP) sampling feature in AI coding copilots: resource theft through hidden prompts that consume token quotas invisibly, conversation hijacking via persistent prompt injection that alters LLM behavior across sessions, and covert tool invocation enabling unauthorized file system operations without user awareness. The attacks exploit MCP's implicit trust model, where malicious servers can craft prompts requesting LLM completions, with responses processed and hidden from users by the client's summarization layer. Organizations should implement request sanitization with strict templates, enforce capability declarations limiting server permissions, require explicit user approval for tool executions, and deploy statistical analysis to flag abnormal token usage patterns.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flabs.withsecure.com%2Fpublications%2Ftanglecrypt%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/hhGC8_ODiNSJwJU2zKqdOhPp5oRBiINaCl_SeM4r-gs=434">
<span>
<strong>TangleCrypt: A Sophisticated But Buggy Malware Packer (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
TangleCrypt is a previously undocumented Windows malware packer with complex features, such as the ability to execute in its own process or a child process based on a user-supplied string. The packer employs several common anti-analysis techniques such as anti-debugging, string encryption, dynamic import resolving, and unoptimized code. There are several bugs in the packer, which suggests that it may still be a work in progress.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.tines.com%2Faccess%2Fguide%2Funlocking-it-agility-with-automation-and-orchestration-iam%2F%3Futm_source=TLDR%26utm_medium=paid_media%26utm_content=secondary-0812/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/M8IJKGU9arGAooU9WgJEBiHFFBLqjkAyj7OeU0f2xac=434">
<span>
<strong>Scalable IAM strategy examples and workflows to swipe (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
When identity breaks down, the consequences ripple across the business. If you feel like manual IAM processes aren't keeping up with modern demands, grab this <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.tines.com%2Faccess%2Fguide%2Funlocking-it-agility-with-automation-and-orchestration-iam%2F%3Futm_source=TLDR%26utm_medium=paid_media%26utm_content=secondary-0812/2/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/Np6Qk1E59lperT6FGtK7weyrumvqk8OuvKBpO388PNg=434" rel="noopener noreferrer nofollow" target="_blank"><span>free Tines guide</span></a> for a 5-step IAM framework, practical checklist, and pre-built workflows for a <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.tines.com%2Faccess%2Fguide%2Funlocking-it-agility-with-automation-and-orchestration-iam%2F%3Futm_source=TLDR%26utm_medium=paid_media%26utm_content=secondary-0812/3/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/6LBbAW5J-Bsbhqpuu7JCV2w-X4NKGs6_32i1lC52qd0=434" rel="noopener noreferrer nofollow" target="_blank"><span>more scalable IAM strategy</span></a>.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FLogisek%2FEvilMist%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/U-Gby2GdYRRK6mxN4W1sJeo29BW6iMM-JylQkI2IntM=434">
<span>
<strong>EvilMist (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
EvilMist's Enumerate-EntraUsers is an Azure Entra ID reconnaissance tool featuring 15+ user enumeration methods designed to work even when direct /users API access is blocked. It assesses MFA gaps, conditional access policy weaknesses, and privilege escalation paths with BloodHound-compatible export. Available in PowerShell and Python with stealth mode (configurable delays/jitter) for detection evasion.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgibberifier.com%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/Sw8NFuKUHw-xlW1GgK_xyH1PBViRfoPTo-pra5hy4ek=434">
<span>
<strong>Text Gibberifier (WebApp)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A WebApp that inserts invisible Unicode characters into text to block AIs from reading it while preserving meaning for humans.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.helmetsecurity.com%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/0-idQmJREW6aoMuKySimLtMJiuyGPc9qfXF0iVlUJik=434">
<span>
<strong>Helmet Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Helmet Security provides an end-to-end security platform for agentic AI, focused on securing Model Context Protocol (MCP) servers and connections between AI agents, software, and data. It discovers MCP endpoints, monitors and logs traffic, and blocks noncompliant or risky AI communication paths.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F12%2F04%2Fsanctioned-spyware-maker-intellexa-had-direct-access-to-government-espionage-victims-researchers-say%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/HxM8Lx3M75T558fUd2mc0TGNtpvQbMrLGNizASNEISE=434">
<span>
<strong>Sanctioned Spyware Maker Intellexa Had Direct Access to Government Espionage Victims (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers from Amnesty International and a coalition of newspapers released a series of reports based on data from Intellexa, a company selling spyware to governments and other clients. The leaked data included training videos showing that Intellexa employees could remotely access some of their customers through TeamViewer. Intellexa denies any misconduct, asserting that it only uses TeamViewer with client permission and supervision for technical support when issues need fixing.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FiPPvaX/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/-BbO31GCNhpcEUuec2SkbQ_eCsv5iICeOJEYLjmG5ZA=434">
<span>
<strong>Why Security Needs to Become an Integral Part of AI Development (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Given the non-deterministic nature of LLMs, security teams need to embed themselves in the development of agentic and other AI tools. They should collaborate with developers and share tooling for code analysis and agent monitoring. Security teams should also use AI-based tools and social engineering to pentest models.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.networkworld.com%2Farticle%2F4101647%2Fcloudflare-firewall-reacts-badly-to-react-exploit-mitigation.html%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/HFvUc-DLvZ89w3YI-hKVrylkJwjwriyXMX519sBueCM=434">
<span>
<strong>Cloudflare firewall reacts badly to React exploit mitigation (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cloudflare briefly knocked many customer sites and services offline after a flawed Web Application Firewall update meant to block a new remote code execution vulnerability in React Server Components. The misconfiguration took Cloudflare's network down for several minutes, disrupting platforms from e-commerce to cloud services and echoing earlier large outages at Cloudflare and AWS.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fengage.broadcom.com%2Fmainframe-bigironbits%3Futm_source=TLDR%26utm_medium=Paid%26utm_campaign=Tldr-IS-Dec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/HRE9rLI3WEP-jAdtY-tnqXkZae2LhhKfvi-mYYgNBlI=434">
<span>
<strong>When The Office meets the mainframe, you get Big Iron Bits (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Banks, hospitals, and telecoms run on mainframe. Big Iron Bits: a Mainframe Mockumentary shows why this engine of the future keeps thriving. Laugh your way through mainframe fact and fiction. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fengage.broadcom.com%2Fmainframe-bigironbits%3Futm_source=TLDR%26utm_medium=Paid%26utm_campaign=Tldr-IS-Dec/2/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/L7ISNKGtZw6JKpNBJGaO5bmVq7ziGSrgocT01mL0d3g=434" rel="noopener noreferrer nofollow" target="_blank"><span>Start watching now</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fbipartisan-health-care-cybersecurity-legislation-returns-to-address-a-cornucopia-of-issues%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/iSYRyrITgMD5K1Rl4TygUZuDKgAT8NmWgzUHzThES0s=434">
<span>
<strong>Bipartisan health care cybersecurity legislation returns to address a cornucopia of issues (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A bipartisan group of senators reintroduced the Health Care Cybersecurity and Resiliency Act, which would mandate updates to HIPAA regulations, authorize a five-year grant program for health care entities, and improve HHS-CISA coordination on incident response and training.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FUgrAGP/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/aco7hlCcd9E97TZHu69WdE0wFXXNnnSECiaIzs2-mT0=434">
<span>
<strong>Have you been targeted by state-sponsored hackers? Apple, Google issue fresh alerts (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Apple and Google issued threat notifications to users in over 150 countries, with Google specifically warning that several hundred accounts were targeted by US-sanctioned Intellexa spyware that exploits zero-day vulnerabilities in mobile browsers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkrebsonsecurity.com%2F2025%2F12%2Fsms-phishers-pivot-to-points-taxes-fake-retailers%2F%3Futm_source=tldrinfosec/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/jqo66sFE0GFOfCD_L7GXXbLshtW2CKoJ-QvFlEjOKTw=434">
<span>
<strong>SMS Phishers Pivot to Points, Taxes, Fake Retailers (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
China-based SMS phishing crews are sending iMessage and RCS texts about rewards points, tax refunds, and fake retailers to steal victims' card data and one-time codes.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/KpGi-GtCTjEjaJr4jnvF117bc4hBFaoK5h1B2AqKo_Y=434"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/MQL7DGLpV5q09uZa85yJVCZm4FL7e7622UOT4kpy_10=434"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019afe4a624c-43a27443-c358-4801-92f0-afbd08130cdd-000000/QJEJMoreuQxAiZePmCS2F87Gah3KaAADxOV-GJnp7Lg=434"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>