<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Google patched two Chrome vulnerabilities exploitable via malicious web pages. Both flaws affect Chrome's 3.4 billion users.</div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.fastly.com%2Fblog%2Foutages-attacks-and-a-need-for-resilience%3Futm_campaign=NAMER_Display-Website-Visits_TLDR-Newsletter_EN_Digital_Brand-Awareness%26utm_source=TLDR%26utm_medium=display/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/gb2GMiO-SbZBpT2684lU7c5SIZiguWujHBhHoHcLfII=436"><img src="https://images.tldr.tech/fastly.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Fastly"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2025-12-19</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.fastly.com%2Fblog%2Foutages-attacks-and-a-need-for-resilience%3Futm_campaign=NAMER_Display-Website-Visits_TLDR-Newsletter_EN_Digital_Brand-Awareness%26utm_source=TLDR%26utm_medium=display/2/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/EZhpXbfanTIBMC7-CLYALRhoFIec00G1pQxI15Aa_z8=436">
<span>
<strong>The aftermath of a failed DDoS attack during a multi-petabyte traffic surge (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Attackers couldn't have chosen a better moment to<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.fastly.com%2Fblog%2Foutages-attacks-and-a-need-for-resilience%3Futm_campaign=NAMER_Display-Website-Visits_TLDR-Newsletter_EN_Digital_Brand-Awareness%26utm_source=TLDR%26utm_medium=display/3/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/qBt0WJn5c3R2aR5BFd-TLZRGkSfnnipD8ExYjcPvdBE=436" rel="noopener noreferrer nofollow" target="_blank"><span> strike Fastly</span></a>: As major customers shifted tens of petabytes of traffic to Fastly due to another provider's outage, several advanced DDoS attacks were unleashed on our platform… yet there was no end-user disruption.
<p></p>
<p>Fastly's architectural choices, operational discipline, and commitment to continual refinement built a platform that is always prepared for the worst. Now, in a<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.fastly.com%2Fblog%2Foutages-attacks-and-a-need-for-resilience%3Futm_campaign=NAMER_Display-Website-Visits_TLDR-Newsletter_EN_Digital_Brand-Awareness%26utm_source=TLDR%26utm_medium=display/4/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/JGZTTpwOzYIW_ArMXl2PVJTsF7kPogAvILtmDhn6w2k=436" rel="noopener noreferrer nofollow" target="_blank"><span> detailed analysis</span></a>, Fastly is sharing the secret to its resilience.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.fastly.com%2Fblog%2Foutages-attacks-and-a-need-for-resilience%3Futm_campaign=NAMER_Display-Website-Visits_TLDR-Newsletter_EN_Digital_Brand-Awareness%26utm_source=TLDR%26utm_medium=display/5/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/40jjbUMfm-3lyJwn_7KA93OGgY8iPN2eB6jahwhhC6k=436" rel="noopener noreferrer nofollow" target="_blank"><span>Read the blog</span></a> to learn how to make resilience a design principle.
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;"></span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.malwarebytes.com%2Fblog%2Fnews%2F2025%2F12%2Ftwo-chrome-flaws-could-be-triggered-by-simply-browsing-the-web-update-now%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/Y4tCUrA7BNpAb68C7YXOgNwLuNBvNvsiWOA937uBZOY=436">
<span>
<strong>Two Chrome flaws could be triggered by simply browsing the web: Update now (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Google patched two Chrome vulnerabilities exploitable via malicious web pages: a use-after-free in WebGPU (CVE-2025-14765) that enabled heap corruption, and an out-of-bounds read/write in the V8 JavaScript engine (CVE-2025-14766). Both flaws affect Chrome's 3.4 billion users and require no user interaction beyond visiting a crafted site. Update to version 143.0.7499.146 or later immediately.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.securityweek.com%2F113000-impacted-by-data-breach-at-virginia-mental-health-authority%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/C6ZsfOCYhRntQxxBJQlfjfIHvBUvskaRfagdS4tXt0Y=436">
<span>
<strong>113,000 Impacted by Data Breach at Virginia Mental Health Authority (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Richmond Behavioral Health Authority in Virginia was hit by a ransomware attack in late September that encrypted parts of its network and exposed data on more than 113,000 individuals, including names, Social Security numbers, passport information, and financial and health details. Victims are advised to monitor their accounts and credit reports closely, as the ransomware group Qilin claims to have leaked 192 GB of stolen data.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2025%2F12%2Fhpe-oneview-flaw-rated-cvss-100-allows.html%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/shTi_yK1H-ueKgjbOgBlzpkOwb8nTU2EXe_UCJjZLew=436">
<span>
<strong>HPE OneView Flaw Rated CVSS 10.0 Allows Unauthenticated Remote Code Execution (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Hewlett Packard Enterprise has patched a critical remote code execution vulnerability in HPE OneView, tracked as CVE-2025-37164 with a maximum CVSS score of 10.0, that allows unauthenticated attackers to execute code remotely. The flaw affects all versions before 11.00, making prompt patching essential to prevent exploitation.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4108328%2Fthe-raspberry-pi-wakeup-call-why-enterprises-must-rethink-physical-security.html%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/fgfvQ0iVNWxTebWLjX6K59UgWLU8FhYWMUV9xq6vdwc=436">
<span>
<strong>The Raspberry Pi wakeup call: Why enterprises must rethink physical security (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A recent Raspberry Pi attack attempt on a French ferry highlights how rogue devices with cellular modems can bypass traditional network monitoring by creating their own internet connection from inside the perimeter. Analysts estimate 50% of enterprises remain vulnerable to similar physical attacks due to unsecured Ethernet ports and inadequate device authentication. Organizations should disable unused ports by default, implement 802.1X authentication, deploy physical layer fingerprinting tools, and monitor for external infrastructure connections when unknown devices appear.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fransomhouse-encryption-upgrade%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/M0vBJ_TWDddz4xSV8Phb5B1AA8KRllGhNOTKiQKsgSU=436">
<span>
<strong>From Linear to Complex: An Upgrade in RansomHouse Encryption (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Unit 42 analyzed the upgraded Mario encryptor used by the RansomHouse ransomware, which evolved from simple single-pass encryption to a two-factor scheme that uses both primary and secondary keys, with chunked file processing. The RaaS operation, tracked as Jolly Scorpius, specifically targets VMware ESXi infrastructure, using the MrAgent deployment tool to encrypt multiple virtual machines simultaneously. The enhanced encryption methodology, with non-linear file processing and dynamic chunk sizing, significantly complicates static analysis and decryption for defenders.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2F2025%2F12%2F15%2Fdefending-against-the-cve-2025-55182-react2shell-vulnerability-in-react-server-components%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/x9ZxSiUzxIIGo1JqFSql_NCy-3RC-eMeaElj0SAI8LQ=436">
<span>
<strong>Defending against the CVE-2025-55182 (React2Shell) vulnerability in React Server Components (16 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CVE-2025-55182, also known as React2Shell, is a critical remote code execution vulnerability in React Server Components and frameworks such as Next.js that allows attackers to execute arbitrary code with a single malicious HTTP request on vulnerable servers. Default configurations are affected and reliable public exploits exist. Attackers can gain initial access without authentication and then deploy tools such as reverse shells, RATs, cryptominers, and credential harvesters across Windows and Linux environments.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fresource.cobalt.io%2Fstate-of-llm-security%3Futm_campaign=14995291-SOPR%2520AI%2520cut%25202025_06%26utm_source=TLDR%26utm_medium=enewsletter/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/-fsaQrUzA3Js4677lMx0GlYfCtcPMGUP2rtpR_Cqe1A=436">
<span>
<strong>32% of LLM pentest findings are high risk, yet 79% remain unpatched: Cobalt report (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Security folks say genAI threats are a top concern, but few have the LLM and AI-powered security testing they need to address this novel risk. Cobalt's <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fresource.cobalt.io%2Fstate-of-llm-security%3Futm_campaign=14995291-SOPR%2520AI%2520cut%25202025_06%26utm_source=TLDR%26utm_medium=enewsletter/2/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/9r7AHXmO0tYZnC-owiqk6rrjLRkUGIGpqcjRHxbO2GY=436" rel="noopener noreferrer nofollow" target="_blank"><span>State of LLM Security Report 2025</span></a> lays out the key LLM vulnerabilities, along with concrete recommendations for security teams. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fresource.cobalt.io%2Fstate-of-llm-security%3Futm_campaign=14995291-SOPR%2520AI%2520cut%25202025_06%26utm_source=TLDR%26utm_medium=enewsletter/3/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/2hZ8yUy8S9IdCL2hdPOnW4nLzq5w-w4SSaa9bD3QPdw=436" rel="noopener noreferrer nofollow" target="_blank"><span>See the full findings</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FDataDog%2Fmalicious-software-packages-dataset%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/AVlIj64OFO4-yLka6i3XijsyCiUVBCiHVUUPxbXghJ4=436">
<span>
<strong>Malicious Software Packages Dataset (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Datadog released an open-source dataset of over 17,000 malicious npm and PyPI packages identified through their GuardDog tool, categorized by ecosystem and whether they were compromised legitimate packages or published with malicious intent.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Ffcavallarin%2Fwirebrowser%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/g8a-wEkMn_9fG8ZFBzVfBbkj6oFyFPqGNH_LFx6ADBw=436">
<span>
<strong>Wirebrowser (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Wirebrowser is an open-source debugging and interception toolkit built on Chrome DevTools Protocol that combines network manipulation, API testing, and deep JavaScript memory inspection. Key features include Live Object Search for runtime patching of JS objects and Origin Trace (BDHS) for identifying user-land functions responsible for object creation or mutation through automated heap snapshots.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.verisoul.ai%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/GQFGbEDY2axqLTnyk1jHj3_xwKqtpWNqNoDpbmugWoY=436">
<span>
<strong>Verisoul (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Verisoul provides an all-in-one fraud prevention platform that detects and blocks fake accounts and bots across the entire user lifecycle using device fingerprinting, behavioral analysis, and AI-driven risk scoring to protect platforms from AI-powered abuse and payment fraud.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;"></span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.jakesaunders.dev%2Fmy-server-started-mining-monero-this-morning%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/i9YWJRFm30mfylf5XOkbDKBElFcOskYNaquSRc-fuAw=436">
<span>
<strong>I got hacked, my server started mining Monero this morning (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A developer's Umami analytics container was exploited via CVE-2025-66478, a Next.js React Server Components deserialization flaw, resulting in Monero cryptominers running undetected for 10 days. Container isolation prevented the compromise from spreading because the container ran as non-root with no volume mounts or privileged access. The incident highlights the importance of knowing your dependencies' underlying frameworks and properly configuring container security boundaries.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2025%2F12%2F18%2Ftech-provider-for-nhs-england-confirms-data-breach%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/iVzfO0bbKnMncYBCoi1k2I4vZMBOYlZbWzxky553S_4=436">
<span>
<strong>Tech provider for NHS England confirms data breach (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
UK healthcare tech firm DXS International has reported a cyberattack on its office servers serving NHS England. Services will remain operational while the scope of any data theft is under investigation. A ransomware group called DevMan claims to have stolen 300 GB of data. Authorities, including the UK Information Commissioner's Office and law enforcement, have been notified.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FqePNur/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/Qr89eEhBACM_SbJK-pG1HEkpsluOQS_vzkO5qQqPRUQ=436">
<span>
<strong>In Cybersecurity, Claude Leaves Other LLMs in the Dust (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic's Claude models outperform rival LLMs on jailbreak resistance, prompt injection defenses, and limiting harmful or misleading outputs. While most vendors show mediocre and slow safety progress, Claude 4.x scores around 75–80% on jailbreak tests and nearly perfect on harmful content refusal, largely because Anthropic bakes safety alignment deeply into the training process instead of adding it as a final layer.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffrance-arrests-hacker-interior-ministry-systems%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/61DQ4ns3SRPRD-AWaq5Gbw5a8SRMasBASGUdVpT2ApI=436">
<span>
<strong>France Arrests 22 Year Old After Hack of Interior Ministry Systems (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
France arrested a 22-year-old suspect after BreachForums administrator "Indra" claimed responsibility for breaching the Interior Ministry and allegedly accessing criminal records, wanted persons databases, and Interpol systems containing over 16 million records.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farcanum-sec.github.io%2Farc_pi_taxonomy%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/9pT5ml9cVhgD82jtRzNvhdO3PaI3SZhVnZhWbBAHp2Y=436">
<span>
<strong>Arcanum Prompt Injection Taxonomy (Web App)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Arcanum Prompt Injection Taxonomy provides a structured taxonomy of prompt injection attacks, categorizing attack intents, techniques, and evasions.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffbi-seize-e-note-crypto-laundering-russian-admin%2F%3Futm_source=tldrinfosec/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/wswNjyq2-v8xs93m_cVi2nPERB3cqc4-qw3t26tf37g=436">
<span>
<strong>FBI Seizes Crypto Laundering Hub E-Note Linked to Russian Admin (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The FBI, working with German and Finnish authorities, seized cryptocurrency exchange E-Note and indicted Russian national Mykhalio Petrovich Chudnovets for laundering over $70 million for ransomware operators since 2017.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/4PkTv1r7FLUz2IMY40EfZ9MNS_4iyGkdDQ_mapKcK7M=436"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/kZY2AwVu2GX4rfKVptPwLTGVO_2Vwwy-G_gZr5KXG8A=436"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019b36ef5f87-b97e749f-067d-4b04-af33-01d0625d84fb-000000/X7vHpSmljgQ1grnka4Rls87NOXm4E-e_1V18-FTfGo0=436"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>