<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-15</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fconvincing-linkedin-comment-reply-tactic-used-in-new-phishing%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/lM-_uwR4Kzy-aiGvRr_qafGoe64EOqQkjbera7Bv3mc=440">
<span>
<strong>Convincing LinkedIn comment-reply tactic used in new phishing (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Scammers are flooding LinkedIn posts with fake reply comments from company pages impersonating LinkedIn (e.g., "Linked Very"), warning users about bogus policy violations and directing them to credential-harvesting sites. The campaign gains credibility by using LinkedIn's official lnkd.in URL shortener to mask phishing domains, making malicious links harder to identify without clicking. LinkedIn confirmed awareness and emphasized that it never communicates policy violations through public comments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftherecord.media%2Fbelgium-hospital-cyberattack-antwerp-az-monica%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/UFIkONXMIqzoTDb5r-RQxw_dlEXrgkwFqqvaByOANng=440">
<span>
<strong>Cyberattack forces Belgian hospital to transfer critical care patients (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A ransomware attack on AZ Monica hospital in Antwerp severely disrupted IT systems, forcing servers offline and halting most surgeries and many treatments, including imaging and chemotherapy. Critical patients were moved with Red Cross help, while other hospitals, including Amsterdam UMC, took over urgent chemotherapy.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.thedailybeast.com%2Fpersonal-details-of-thousands-of-border-patrol-and-ice-goons-allegedly-leaked-in-huge-data-breach%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/gWoyAuuMsF75_nqX2-K8NH7l-3SkHeL1NWzi3uRFEP8=440">
<span>
<strong>Personal Details of Thousands of Border Patrol and ICE Agents Allegedly Leaked in Huge Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Sensitive data belonging to around 4,500 ICE and Border Patrol employees has been released by a Department of Homeland Security whistleblower. The leaked data includes names, work emails, phone numbers, roles, and some resume data. The data was leaked to the ICE List website, which stated that it would conduct a manual review to filter out certain roles before releasing the data.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fresearch.checkpoint.com%2F2026%2Fvoidlink-the-cloud-native-malware-framework%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/x5LTRkj3-K1Dgog98Wm2sTuug2Aed70d5AiUWRhsRRY=440">
<span>
<strong>VoidLink: The Cloud-Native Malware Framework (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
VoidLink is a sophisticated Zig-based Linux malware framework from Chinese-affiliated developers. It features a cloud-first design that detects AWS, GCP, Azure, Alibaba, and Tencent environments and adapts its behavior based on detected EDRs and security controls. The framework includes 37+ plugins inspired by Cobalt Strike's BOF architecture, environment-adaptive rootkit deployment (LD_PRELOAD, eBPF, or LKM, chosen based on the kernel version), and multiple C2 channels, including HTTP, DNS tunneling, ICMP, and P2P mesh networking. VoidLink's credential harvesting targets cloud environments, Git repositories, and SSH keys, suggesting that software engineers and cloud infrastructure are primary targets for espionage or supply chain attacks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhorizon3.ai%2Fattack-research%2Fdisclosures%2Fcve-2025-64155-three-years-of-remotely-rooting-the-fortinet-fortisiem%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/Ucd-ixTRr-TR4M_PpCGv02jK4OUSDn1q6kMa2me9k8I=440">
<span>
<strong>CVE-2025-64155: Three Years of Remotely Rooting the Fortinet FortiSIEM (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A series of vulnerabilities in Fortinet's FortiSIEM platform allows a remote, unauthenticated attacker to gain full control of the appliance, from admin access to root. The weakness lies in how the phMonitor service processes certain storage-related requests, ultimately enabling crafted data to reach a curl-based health-check script and inject extra arguments. By abusing curl's features, an attacker can write arbitrary files as the FortiSIEM admin user and then leverage a writable script executed by root via cron to escalate privileges. Combined, these flaws permit long-term, stealthy compromise of FortiSIEM deployments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.ncsc.gov.uk%2Fguidance%2Fchoosing-a-managed-service-provider-msp%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/00DeuM7GSfaTwg_ER2ja38Th9PzOWpjIIZmPsUrtvug=440">
<span>
<strong>Choosing a Managed Service Provider (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The UK's NCSC released a guide and checklist for small- to medium-sized enterprises (SMEs) seeking to choose a Managed Service Provider (MSP) for IT and security services. Organizations should request any certifications the MSP has and customer testimonials, and ensure that the MSP communicates clearly and transparently. Organizations should also ask the MSP about its policies on patching, backups, data access, logging, and incident response.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Frobert-mcdermott%2Fai-knowledge-graph%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/uyN2yo9hopQHfsc6B7Ah5fY6FP0HAw_dd_ifkFAwsr4=440">
<span>
<strong>ai-knowledge-graph (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
ai-knowledge-graph is a Python tool that extracts Subject-Predicate-Object triplets from unstructured text using any OpenAI-compatible LLM endpoint and generates interactive knowledge graph visualizations. It features automatic text chunking, entity standardization across document segments, and relationship inference to connect disconnected graph components. The tool outputs interactive HTML visualizations with community detection, centrality-based node sizing, and filtering controls.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fgoogle%2Faura-inspector%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/jlEe4D1IzXlSIPdOoED6vID0K2RAFFs5zaIi8fuN2kE=440">
<span>
<strong>Aura-inspector (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Aura-inspector is a Swiss Army knife for Salesforce Experience Cloud testing. It helps discover misconfigured Salesforce Experience Cloud applications and automates much of the testing process.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnovee.security%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/rhhm-2zovGUpsl0cBt9cJ0XA9VDDuckeBLHmb_UYnYU=440">
<span>
<strong>Novee (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Novee offers a continuous, AI-driven penetration testing platform that simulates sophisticated real-world attackers to uncover novel vulnerabilities, including complex business logic flaws. It also provides exploit validation, automated retesting, and remediation guidance.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.lukaszolejnik.com%2Fphysical-attacks-on-crypto-holders-wrench-assaults-rising%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/CEpe-6lg2dhl7bWNPFbE6tSkNxtbYRvR7nXAJcCLuKg=440">
<span>
<strong>Physical attacks on crypto holders - wrench assaults rising? (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
France has experienced a surge in violent "wrench attacks" targeting cryptocurrency holders and their relatives between 2024 and 2026, exploiting self-custody's fundamental weakness: anyone with the key or seed phrase can irreversibly transfer funds without bank intervention. Attackers identify targets through public displays of wealth on social media, data leaks from crypto firms like Ledger, and potentially compromised access to government databases, including new EU crypto-asset reporting systems under DAC8. Recommended mitigations include operational security measures, time-locked transactions, and multisignature wallet schemes requiring geographically distributed keys.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fkimwolf-botnet-infected-over-2-million.html%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/6R3E-6bqmZFC_csF0Ze-Rkr72X1BLcb8hD7oTMYOuPA=440">
<span>
<strong>Researchers Null-Route Over 550 Kimwolf and Aisuru Botnet Command Servers (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Black Lotus Labs null-routed over 550 C2 nodes associated with the AISURU/Kimwolf botnet, which has infected more than 2 million Android devices, primarily unsanctioned TV streaming boxes with exposed Android Debug Bridge (ADB) services. The botnet exploits vulnerabilities in residential proxy services to propagate, turning compromised devices into proxy nodes for DDoS attacks and malicious traffic relay. Security teams should monitor for ADB exposure on network devices and block traffic to the identified C2 infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F9bCV26/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/qxoBHVgiN724d2Y7L00cIdbDbojgVrUwI5osSU5hqMI=440">
<span>
<strong>I Almost Lost My Apple Account to the Most Sophisticated Phishing Attack I've Ever Seen (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security-conscious user received several 2FA prompts and SMS verification codes for their Apple account one afternoon, followed by an automated call warning them that their account was under attack. After this call, a second call came from a very professional-sounding employee who created a support case for the user, verified that it was from Apple to build trust, and walked the user through resetting their password. The phisher then had the user "close the case" via an SMS link, which directed them to a sophisticated phishing site where the attacker could steal the user's credentials.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fukraines-army-targeted-in-new-charity-themed-malware-campaign%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/3PiEdaquVuA6LeF4SMRvmFfmTvPn93Fs0-aAVm-oxiw=440">
<span>
<strong>Ukraine's army targeted in new charity-themed malware campaign (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CERT-UA reported that the suspected Russian threat group Void Blizzard targeted Ukrainian Defense Forces officials via Signal and WhatsApp with charity-themed lures delivering the PluggyApe backdoor, which now features MQTT-based C2 communication and dynamic address retrieval from paste sites.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FLfeKLr/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/MFYvKEW7VS0bGOSsmtK5uBczt45Rfx6kR4oAKo7O8DE=440">
<span>
<strong>Global Cybersecurity Outlook 2026 (30 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The WEF's fifth annual cybersecurity report shows 94% see AI as the main cyber driver, 87% cite AI vulnerabilities as the fastest-growing risk, and 91% of large organizations are revising cybersecurity strategies due to geopolitical volatility.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F14%2Fanthropic_python_security%2F%3Futm_source=tldrinfosec/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/ihJQzN-VwqykWwncXFB2HIIsmC-UNmUspKyrperwc-I=440">
<span>
<strong>Anthropic finds $1.5 million to help Python Foundation improve security (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic is donating $1.5 million to the Python Software Foundation to enhance security in CPython and PyPI, thereby lowering supply chain risks for millions of Python developers and possibly other open source ecosystems too.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/UTa3LgaaDrKxF6PpsBHnd4TXsFdlJHsg2TGqyYUdsEI=440"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/ZPSkJiPkRX_oMLM7dmjSZv_G-3cSEAoLhZeAoNDOs1U=440"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019bc1fbf352-d5e6ce96-8c65-4be8-9409-077f40482a60-000000/YNyzGLRnhjsqOvQDon-nHPaSo2_or4B_OrK4lRY-gvM=440"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>