<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexplore.dnsfilter.com%2Ftldr-content-filtering-ebook-offer%3Futm_source=tldr-25%26utm_medium=paid-sponsorship%26utm_campaign=dnsf_ct_december-2025_tldr_conversationalgeek%26utm_content=conversationalgeek/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/dqfkRWZn2tblxkIoc8_D8ecgYsjxFUyXKSM7CVC4uC4=434"><img src="https://images.tldr.tech/beechstreet.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Beech Street Digital"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-12-09</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexplore.dnsfilter.com%2Ftldr-content-filtering-ebook-offer%3Futm_source=tldr-25%26utm_medium=paid-sponsorship%26utm_campaign=dnsf_ct_december-2025_tldr_conversationalgeek%26utm_content=conversationalgeek/2/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/KjxRWQC_FBE1iSWPv9EbbQ1yH9ubgxB0BHvvGi0OXkM=434">
<span>
<strong>Your firewall protects the office. Who protects the airport, coffee shop, and home office? (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Old-school firewalls are built for a perimeter that no longer exists. Work happening outside the corporate network is just a fact - but that doesn't mean you should give up on security.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexplore.dnsfilter.com%2Ftldr-content-filtering-ebook-offer%3Futm_source=tldr-25%26utm_medium=paid-sponsorship%26utm_campaign=dnsf_ct_december-2025_tldr_conversationalgeek%26utm_content=conversationalgeek/3/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/CJ5Cp_ygGI0AwRo6b0qWkj5W4dlTx0VILY26NiqNKLM=434" rel="noopener noreferrer nofollow" target="_blank"><span>DNSFilter</span></a> stops malicious connections before they hit the endpoint - blocking malware, questionable content, and productivity drains. Learn how it works with the <strong>free</strong> 43-page eBook, <a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexplore.dnsfilter.com%2Ftldr-content-filtering-ebook-offer%3Futm_source=tldr-25%26utm_medium=paid-sponsorship%26utm_campaign=dnsf_ct_december-2025_tldr_conversationalgeek%26utm_content=conversationalgeek/4/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/iM4EoaCODThYR48rXRpB1fOO3fLzjdybIrZqVbujJFA=434" rel="noopener noreferrer nofollow" target="_blank"><span>Conversational Content Filtering in a Hybrid Workforce</span></a>, covering:</p>
<p>• The true cost of unregulated internet access (legal, productivity, security)</p>
<p>• How to build precise, role-based policies without strangling productivity</p>
<p>• Zero-friction integration with your existing security stack</p>
<p><a class="underline" href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fexplore.dnsfilter.com%2Ftldr-content-filtering-ebook-offer%3Futm_source=tldr-25%26utm_medium=paid-sponsorship%26utm_campaign=dnsf_ct_december-2025_tldr_conversationalgeek%26utm_content=conversationalgeek/5/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/R3q5FFzzPakwiAWotj_q5tmLQT20Gm389xPoZ2WcsNw=434" rel="noopener noreferrer nofollow" target="_blank"><span>Download the free eBook</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fbarts-health-nhs-cl0p-ransomware-data-breach%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/mlBb9Iq_pl7e6-Z6WhiDx2aOJbRtVm1Hj4ezaEPS3fY=434">
<span>
<strong>Barts Health NHS Confirms Cl0p Ransomware Behind Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Barts Health NHS Trust confirmed that the Cl0p ransomware group exfiltrated 241 GB of data from invoice databases after exploiting a vulnerability in Oracle E-Business Suite. The breach occurred in August but remained undetected until data surfaced on leak sites in November. Stolen data included patient billing information, former staff salary records, and supplier payment details. Clinical systems remained unaffected. Oracle has since patched the exploited flaw. The incident highlights the continued targeting of healthcare organizations through enterprise software vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsocprime.com%2Fblog%2Fcve-2025-66516-vulnerability%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/2sgcSwLqYKW10Di8Fw9vV4tff5vMPIcnAyw1VGhUJG8=434">
<span>
<strong>CVE-2025-66516: Maximum-Severity Vulnerability in Apache Tika Could Lead to XML External Entity Injection Attack (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A newly disclosed XXE vulnerability, CVE-2025-66516, affects several Apache Tika components and allows attackers to embed malicious XFA content in PDFs, potentially exposing sensitive server files or enabling remote code execution. Upgrade all affected Tika modules ASAP.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fmalicious-vscode-extensions-on-microsofts-registry-drop-infostealers%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/EJfgDppzMuy34CGbjNMrpk-o7uHAhvVPGXFw4Ng-GCc=434">
<span>
<strong>Malicious VSCode Extensions on Microsoft's Registry Drop Infostealers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers have discovered two malicious extensions for VSCode that masquerade as a theme and an AI assistant, respectively, to drop infostealers. The extensions run a script that uses curl to download a malicious DLL, which executes as runtime.dll. The infostealers collect running processes, clipboard content, WiFi credentials, system information, screenshots, lists of installed programs, cookies from Chrome and Edge browsers, and cryptocurrency wallet passwords and credentials.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4101929%2Foffensive-security-takes-center-stage-in-the-ai-era.html%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/7bbiXA-zc6sNeUq03mYDVCWC1J77KGmAUIFJS1ngFPc=434">
<span>
<strong>Offensive security takes center stage in the AI era (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CISOs are increasingly adopting comprehensive offensive security programs as AI-enabled threats create more sophisticated attack patterns that traditional scanning cannot detect. OffSec maturity spans from basic vulnerability management through penetration testing to advanced threat hunting and security tool evasion testing. Automation and AI have lowered barriers to implementation. Offensive and defensive programs must work in concert rather than in isolation, with OffSec providing empirical risk validation and data-driven evidence for security investments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F12%2Fhow-can-retailers-cyber-prepare-for.html%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/vzcPAOx8rXD8kru1evaqFJkKfxbkHo8XA5AZl-fK7dU=434">
<span>
<strong>How Can Retailers Cyber-Prepare for the Most Vulnerable Time of the Year? (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Holiday shopping periods create compressed attack windows where bot-driven credential stuffing, account takeover, and automated fraud campaigns intensify against retail systems running at peak capacity with reduced staff. Layered defenses should include adaptive MFA for risky transactions, bot management with device fingerprinting, credential-stuffing detection, and blocking passwords against known breach datasets. Organizations should also test authentication failover procedures and implement strict third-party access controls, as vendor credential compromise remains a primary attack vector.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjfrog.com%2Fblog%2F2025-55182-and-2025-66478-react2shell-all-you-need-to-know%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/YyWWOh3a2cMqPtepym5eolmeGMLSJXXqoYlT18iXW1Y=434">
<span>
<strong>React2Shell (CVE-2025-55182): Detection & Mitigation Guide (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
React2Shell is a critical remote code execution flaw in React Server Components and related Next.js setups that allows an attacker to send a crafted HTTP request to a server-side function endpoint and execute arbitrary code on the backend. Systems are especially at risk when using React Server Functions with the "use server" directive or default Next.js App Router configurations, which expose vulnerable endpoints even in otherwise standard apps. The issue affects multiple React server DOM packages and a wide range of Next.js 15 and 16 versions. Fixed versions are already available, and upgrading these components is the primary mitigation.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fxbow.com%2Fpentest%3Futm_source=tldr%26utm_medium=email%26utm_campaign=on-demand-pentest/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/Ocf4oQqgGoMQgjlrDiSrCDJHvTIumbiIDm2Pfwqj2UQ=434">
<span>
<strong>Zero Day / Zero Pay - XBOW Lightspeed Autonomous Expert-Level Pentesting (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security teams: XBOW's Lightspeed on-demand pentest delivers expert-level, exploit-proven results in days -- <em>using the same attack-automation engine that climbed to #1 on the HackerOne leaderboards</em>. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fxbow.com%2Fpentest%3Futm_source=tldr%26utm_medium=email%26utm_campaign=on-demand-pentest/2/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/gP_4VMRF1nvsNapGQXkqKWbUQ_3vsj1zw5oTxDNKS6A=434" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Book your pentest</strong></span></a> <strong>by Dec 26th and they will guarantee an exploit-validated security finding or you don't pay.</strong> <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fxbow.com%2Fpentest-webinar%3Futm_source=tldr%26utm_medium=email%26utm_campaign=on-demand-pentest/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/kJA1I50t8YLW3jIE72F0Hl9Dde_1AF-Gcf7C3SzRTOE=434" rel="noopener noreferrer nofollow" target="_blank"><span>Watch how they completed a full pentest from launch to compliance-ready and get ready to start your own.</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fchainguard-dev%2Fmalcontent%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/FIaIwdsEFrSA4PdQ3qwSTdxsPgVgNDLv13lZXi6FaQw=434">
<span>
<strong>malcontent (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
malcontent discovers supply-chain compromises through the magic of context, differential analysis, and 14k+ YARA rules.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fntop%2FnDPI%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/gGeYyHoSkcTCPr1HGXGeP04jYr5Ec5_eCKl_HRquUfs=434">
<span>
<strong>nDPI (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Open Source Deep Packet Inspection Software Toolkit.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.resemble.ai%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/O-Ljgo8Jx6pzZ0iy6iZ_43AXpo2gWGv-tfnet9zVVcE=434">
<span>
<strong>Resemble AI (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Resemble AI builds enterprise voice-AI tools for ultra-realistic voice generation, cloning, and deepfake detection to secure communications and prevent AI-enabled fraud and social engineering attacks in real time.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F12%2Fandroid-malware-fvncbot-seedsnatcher.html%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/tK4_jX9Ez4wrcqGDFrxrzqiKj7h3MfYmU3gs3ffpAFE=434">
<span>
<strong>Android Malware FvncBot, SeedSnatcher, and ClayRat Gain Stronger Data Theft Features (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers disclosed three Android malware families with enhanced capabilities: FvncBot targets Polish banking users with keylogging, web-inject attacks, and hidden VNC; SeedSnatcher steals cryptocurrency wallet seed phrases and 2FA codes via Telegram distribution; and an upgraded ClayRat enables full device takeover through accessibility services abuse. FvncBot uses the apk0day crypting service and session-based installation to bypass Android 13+ restrictions, while ClayRat spreads through 25 phishing domains impersonating YouTube and Russian taxi apps. Organizations should monitor for accessibility service abuse patterns and enforce sideloading restrictions to mitigate these threats.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2025%2F12%2F08%2Fgartner_recommends_ai_browser_ban%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/0BBC4z9cYSa1hfTE74rglXO1yEkEd8WJUuf11qq45Bc=434">
<span>
<strong>Block all AI browsers for the foreseeable future: Gartner (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Gartner analysts have urged organizations to block AI-enabled browsers, such as agentic and sidebar-based tools, because they send sensitive browsing data to cloud backends and can autonomously act within logged-in sessions, making them vulnerable to prompt injection, phishing, and credential abuse. They worry staff could automate mandatory tasks such as security training and misconfigure procurement or travel bookings, and have recommended strict risk assessments, tight controls, or outright bans for now.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F12%2F08%2Fgoogle-details-security-measures-for-chromes-agentic-features%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/e_IRI23lwdp4MFneffJx9N_hO4g11O3-8MJXCbrcHwE=434">
<span>
<strong>Google details security measures for Chrome's agentic features (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Chrome's upcoming AI “agentic” features will act on users' behalf to complete tasks such as shopping or filling out forms, while also reducing security risks. Chrome uses separate models to check that planned actions align with user goals and to vet URLs, limits what page data agents can read or modify, and asks for explicit permission before accessing sensitive sites, using passwords, or completing purchases.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.blumira.com%2Ftrial%3F%26mrls=Paid_Ads%26mrsp1=tldr%26mrsp2=newsletter%26utm_source=Paid_Ads%26utm_mediuum=tldr%26utm_campaign=newsletter/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/xCR_aasdk9gt0uvhK7xtBJ5VynNr6bKD-oSVsCUoTrs=434">
<span>
<strong>Your Security team doesn't need saving - it needs support (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Blumira is the SecOps platform for growing teams - combining AI, automation, and human expertise. Respond to threats in 30 minutes/wk. 24/7 support for critical issues. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.blumira.com%2Ftrial%3F%26mrls=Paid_Ads%26mrsp1=tldr%26mrsp2=newsletter%26utm_source=Paid_Ads%26utm_mediuum=tldr%26utm_campaign=newsletter/2/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/xlTU2GxzJasG_V5r3LGnYQ6iRRlLJdaklUrC8hQSRdg=434" rel="noopener noreferrer nofollow" target="_blank"><span>Try free for 30 days</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2Fransomware-payments-surpassed-4-5-billion-us-treasury%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/JHV_9gv5RoW2lgR9N5TyKd-KW_-ur-eK1mi4Ey4kBBs=434">
<span>
<strong>Ransomware Payments Surpassed $4.5 Billion: US Treasury (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Financial services, manufacturing, and healthcare were the most targeted sectors.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fportugal-updates-cybercrime-law-to-exempt-security-researchers%2F%3Futm_source=tldrinfosec/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/S9Qz8zQiGiZ7bJeQ32mjbRl9E5uyXP4zJ3Xqr8r2w5E=434">
<span>
<strong>Portugal updates cybercrime law to exempt security researchers (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Portugal established a legal safe harbor for good-faith security researchers who identify and responsibly disclose vulnerabilities without seeking economic benefit, provided they report findings to system owners and the national cybersecurity authority within strict guidelines.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/TNCnGLyQN7tO6XojjpQRiixu-RS-yyTdGykdX88pY-Q=434"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/zl3rRYrxYbVDudUWtgwOGtWhPaT4xRfJLMPxkxRiYgs=434"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b036fa759-5f55799e-9a62-4089-b703-abc3329a461a-000000/PcqF5btddQK8aML-vswuDvyuD41dULv7mCdj39fA9iI=434"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>