<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-12</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fchinese-linked-hackers-exploit-vmware.html%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/ziSfV5YjRt-tCod2qYUpBRQb_GhqFlnZUK6wwHxj9Io=439">
<span>
<strong>China-Linked Hackers Exploit VMware ESXi Zero-Days to Escape Virtual Machines (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Huntress observed Chinese-speaking threat actors exploiting three VMware ESXi zero-days (CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226) to escape virtual machine isolation and gain full hypervisor control. Evidence suggests the exploit toolkit was developed as early as February 2024, over a year before Broadcom's March 2025 disclosure. The multi-stage attack chain used a compromised SonicWall VPN for initial access and deployed the VSOCKpuppet backdoor, which communicates over VSOCK to bypass traditional network monitoring entirely. Organizations should prioritize patching these vulnerabilities and monitor for unusual VMCI/VSOCK activity between guest VMs and hypervisors.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbreachforums-hacking-forum-database-leaked-exposing-324-000-accounts%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/Cl23q2UGGomtW43vILgEOe1QWFxRog04qP-sCfwHXhM=439">
<span>
<strong>BreachForums Hacking Forum Database Leaked, Exposing 324K Accounts (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The latest version of the infamous BreachForums suffered a data breach that leaked a database of user accounts. The breached data includes display names, registration dates, IP addresses, and other internal information. Many of the recorded IP addresses are loopback addresses, but over 70k records contain public IPs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcybersecuritynews.com%2Finstagram-data-leak-exposes-sensitive-info-of-17-5m-accounts%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/PWxcyMls3rUrKo9adlxcnr2-w1ekDiO4jmMDJmQJ3kY=439">
<span>
<strong>Instagram Data Leak Exposes Sensitive Info of 17.5M Accounts (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Malwarebytes raised concerns about a trove of Instagram user information being sold on the dark web. The breached data includes usernames, emails, phone numbers, and partial location data. Instagram has stated that there was no data breach, but rather an issue that allowed external parties to send unrequested password reset emails.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.elttam.com%2Fblog%2Fleaking-more-than-you-joined-for%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/v2OY87RLCDuyRTrxrfgs50yz3XNznBGC03GK2ZDwKdQ=439">
<span>
<strong>ORM Leaking More Than You Joined For (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
ORM Leak vulnerabilities extend beyond susceptible ORMs such as Django and Prisma to any application that implements robust filtering capabilities. This article details practical examples, including Harbor CVE-2025-30086 (Beego ORM) and authentication bypasses through Prisma operator injection enabled by type coercion. It also discusses multiple techniques for bypassing naive protections, including exploiting Beego's broken expression parsing, where non-relational fields in filter expressions are overwritten by subsequent fields. Semgrep detection rules for Django, Prisma, Beego, and Entity Framework ORMs have been published to help identify these commonly overlooked vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frosecurify.com%2Ftwo-cves-zero-ego-a-mailpit-story%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/xww4kdy0cEUfegCX68LrMEEm6TetXk8OoG9u1qAL_6c=439">
<span>
<strong>Two CVEs, Zero Ego: A Mailpit Story (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Mailpit is a lightweight email testing tool used in development that recently had two notable security issues uncovered: a server-side request forgery (SSRF) and a cross-site WebSocket hijacking (CSWSH) flaw. The SSRF bug allowed attackers to abuse a proxy endpoint to access internal services such as cloud metadata, while the WebSocket issue allowed any website to connect and stream all captured emails without authentication. The maintainer quickly fixed both issues in new releases and coordinated CVEs, showing how respectful communication, GitHub Security Advisories, and low-ego collaboration between researchers and developers lead to fast, effective vulnerability remediation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Forca.security%2Fresources%2Fblog%2Fgithub-actions-security-risks%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/7cv1u9qw6EEPMh5lawaBWkM7GAY1JEPNCbzA5eZEby8=439">
<span>
<strong>Attackers Love Your GitHub Actions Too (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GitHub ranks as the second most used CI/CD tool, but it also exposes a large attack surface to attackers. GitHub Actions can unintentionally expose secrets or overprovision tokens. Actions are vulnerable to supply chain compromise via poisoned dependencies and injection attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FAdversis%2Ftailsnitch%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/W2Ody--Q5k3x3qoEL-78_bG0Z9j6rSXLfFmUSDB5b7c=439">
<span>
<strong>Tailsnitch (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Tailsnitch is a security auditing tool for Tailscale configurations that scans tailnets for 50+ misconfigurations, overly permissive access controls, and security best practice violations across seven categories, including ACLs, authentication keys, and network exposure. The tool supports severity filtering, interactive remediation mode, JSON export for CI/CD integration, and SOC 2 evidence generation with Common Criteria control mappings. Checks range from critical issues like default allow-all policies and overly broad tagOwners to informational items covering logging and DNS settings.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FMegaManSec%2FGixy-Next%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/ruS1kXQE4Wm-FugoNNRyMSVcDpFas2h41omN4yWBBBg=439">
<span>
<strong>Gixy-Next (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Gixy-Next (Gixy) is an open-source NGINX configuration security scanner and hardening tool that statically analyzes nginx.conf files to detect security misconfigurations, hardening gaps, and common performance pitfalls before they reach production. It is an actively maintained fork of Yandex's Gixy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fxorhex%2FBinYars%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/JcrcnBCmnYCXy_X-E1_3K568h88Cc-6U5onel3CN-UI=439">
<span>
<strong>BinYars (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
BinYars is a Binary Ninja plugin that integrates YARA-X into Binary Ninja.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fmuddywater-launches-rustywater-rat-via.html%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/pBJhObyHnDcgFnVkYMW2CAt_uYyig8r8am_xVF3M8PE=439">
<span>
<strong>MuddyWater Launches RustyWater RAT via Spear-Phishing Across Middle East Sectors (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Iranian threat actor MuddyWater has been linked to spear-phishing campaigns targeting diplomatic, maritime, financial, and telecom entities in the Middle East using a new Rust-based implant called RustyWater (also known as Archer RAT/RUSTRIC). The malware, delivered via malicious Word documents with VBA macros, establishes registry persistence and supports asynchronous C2 communication for file operations and command execution. This marks MuddyWater's continued evolution away from PowerShell and VBS loaders toward more structured, modular RAT capabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Feuropol-arrests-34-black-axe-members-in.html%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/kksFJ8UYXi_YaRN1R7G2LaIyDJWo-HtJJjxhpkkI0rg=439">
<span>
<strong>Europol Arrests 34 Black Axe Members in Spain Over €5.9M Fraud and Organized Crime (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Europol and Spanish police have dismantled a major Black Axe cell in Spain, arresting 34 suspects across Seville, Madrid, Málaga, and Barcelona for cyber-enabled fraud and violent organized crime. Authorities link the Nigerian-origin syndicate to scams like business email compromise and romance fraud, with losses over €5.93 million, and report cash and bank account seizures alongside prior global crackdowns on the group.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdanielmiessler.com%2Fblog%2Fcybersecurity-ai-changes-2026%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/k_0AXelXvDCIf_-q5fcgsUDY70zXMrA2m4uOXr21Mzc=439">
<span>
<strong>Cybersecurity Changes I Expect In 2026 (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The primary cybersecurity question of 2026 will be whether an attacker's or defender's AI is more effective. Agentic security will encourage teams to build products rather than buy them, devalue junior employees, and lead to workplace upheaval. AI will also improve the efficacy of common security program weak points, such as secure code training and asset management.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fartificial-intelligence%2Fanthropic-viral-claude-banned-and-reported-to-authorities-message-isnt-real%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/m0O8Ki5uJf1B16QDN89MoXPamX0qKDGTFEru-IWnV_I=439">
<span>
<strong>Anthropic: Viral Claude "Banned and reported to authorities" message isn't real (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic confirmed that a viral screenshot claiming Claude permanently banned a user and reported them to authorities is fake, noting the recurring hoax doesn't match any actual system messages.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fmicrosoft%2Fmicrosoft-may-soon-allow-it-admins-to-uninstall-copilot-on-managed-devices%2F%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/8CvH-jCSjnK801FZIai5qhxombuPTIuvVAX-iayXRYE=439">
<span>
<strong>Microsoft may soon allow IT admins to uninstall Copilot (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft is testing a new RemoveMicrosoftCopilotApp group policy in Windows 11 Insider builds that allows IT administrators to uninstall the Copilot app on managed devices via Intune or SCCM.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theverge.com%2Fnews%2F860337%2Finstagram-fixed-password-reset-emails%3Futm_source=tldrinfosec/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/surA3DDWXwW7MOciA7ZDp-xXuS64fLnll1C1wSQqtXI=439">
<span>
<strong>Instagram says it fixed the issue that let someone send all those password reset emails (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Instagram acknowledges that an external party exploited a flaw to trigger mass password reset emails, but insists there was no breach and that accounts remain secure, advising users to ignore the notifications.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/1fY6oH_Jv3vSpuuDSpMJBL7yLhgM8Ou4S_00bqZZkwI=439"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/fDAq65-P-n1R1h6QlvT3WOh_8BxPKxdJmKIsXH1PBIY=439"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019bb288f185-ffa3b6c2-8734-4657-a052-31b92c43da9b-000000/DHY8lUkeM9BOGkuDSP1DoVXAgoTRAHI9oV5Sj93wzbc=439"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>