<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-21</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Facf-plugin-bug-gives-hackers-admin-on-50-000-wordpress-sites%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/PF3Il40mv8RcmCdXJtWQ4bD9GOkg1mMJIeFNuNMJAhM=441">
<span>
<strong>ACF Plugin Bug Gives Hackers Admin on 50K WordPress Sites (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Wordfence detected a new critical vulnerability in the Advanced Custom Fields Extended (ACF Extended) plugin for WordPress that could allow unauthenticated attackers to obtain admin privileges. It stems from role restrictions not being enforced during form-based user creation, and it is only exploitable on sites that use a “Create User” or “Update User” form with the role field mapped.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.startribune.com%2Fminnesota-department-of-human-services-data-breach-impacts-300k%2F601566960%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/WSwLmcsEjqdxwsS8Fct7uf6hy_QWPMhln3l77roh3m4=441">
<span>
<strong>Minnesota Department of Human Services Data Breach Impacts 300K (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Minnesota Department of Human Services is notifying 300K victims that their data was accessed by an unauthorized individual over the course of a month. A user affiliated with a licensed care provider accessed data in the MnCHOICES system without authorization. The data accessed includes names, sex, dates of birth, phone numbers, addresses, Medicaid ID numbers, and the last four digits of SSNs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcybersecuritynews.com%2Fapache-airflow-vulnerabilities%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/jeJ6FY4ueCOvUHSHF4tQQBTJQxk1aBIfvjO5RBiW6n0=441">
<span>
<strong>Apache Airflow Vulnerabilities Enable Sensitive Data Exposure (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Two new vulnerabilities allow for sensitive data leakage in versions of Apache Airflow prior to 3.16. The first vulnerability arises from Airflow failing to properly mask proxy credentials in log files. The second vulnerability arises from Airflow not applying user-registered secret pattern masking before truncating field templates when dealing with long fields in the Rendered Templates UI.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FMhQZlM/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/h4vHnA5DG-MMTquKeQRanKQrx4aDoc49YJcbX_6Z540=441">
<span>
<strong>How to Get Scammed (by DPRK Hackers) (18 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security researcher documented a DPRK-linked Contagious Interview campaign in which threat actors posed as recruiters on Discord, delivering malware via fake technical assessments that deployed a multi-stage payload using blockchain-based dead-drop resolvers across Tron, Aptos, and Binance Smart Chain. The final RAT establishes persistence by injecting into VS Code and Cursor IDEs, exfiltrates credentials, and evades analysis by detecting cloud/CI/CD environments. Detection requires monitoring for Node.js processes that spawn with eval flags and API calls to blockchain endpoints such as api.trongrid.io.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.quarkslab.com%2Fclang-hardening-cheat-sheet-ten-years-later.html%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/Gcm5YEYNCo3e_HkOQ3noAgwxj1lHwvNVJQRrjQS_fV8=441">
<span>
<strong>Clang Hardening Cheat Sheet - Ten Years Later (20 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Quarkslab has updated its Clang hardening cheat sheet after ten years, documenting new compiler mitigations including FORTIFY_SOURCE level 3, stack clash protection via -fstack-clash-protection, and Intel CET/ARM PAC+BTI for control-flow integrity. The guide covers defenses against ROP/JOP attacks through hardware-assisted mechanisms such as shadow stacks and indirect branch tracking, as well as speculative execution mitigations with -mspeculative-load-hardening. Security teams should adopt the OpenSSF-recommended compiler flags and consider architecture-specific protections (CET for x86 and PAC/BTI for ARM) while balancing performance trade-offs.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.cyfirma.com%2Fresearch%2Fsolyximmortal-python-malware-analysis%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/xkf3USDl-a8EqQoql15Tz4CbvWFMWYmnnoTVWg67fXI=441">
<span>
<strong>Solyximmortal: Python Malware Analysis (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SolyxImmortal is a Python-based spyware that targets Windows systems, focused on long-term surveillance and data theft rather than destruction. It steals browser credentials, harvests documents, logs keystrokes, and captures screenshots, then exfiltrates everything via hardcoded Discord webhooks over HTTPS to blend into normal traffic. It minimizes detection while continuously monitoring victims by persisting through AppData and Run keys, abusing DPAPI to decrypt Chromium credentials, and batching keystrokes and archives.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FSeanHeelan%2Fanamnesis-release%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/asvWljXWK5GXy-QjkNlrR-3e0CeI7bSzD8CK2hCuiCY=441">
<span>
<strong>Anamnesis (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anamnesis is an evaluation framework for studying how LLM agents generate exploits from vulnerability reports, demonstrating that Claude Opus 4.5 and GPT-5.2 agents can independently develop working exploits that bypass ASLR, NX, full RELRO, CFI, Shadow Stack, and seccomp sandboxes when given a QuickJS use-after-free vulnerability and proof-of-concept trigger.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fgoogle%2Fsyzkaller%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/G0NqvrAvAoxR6Qb8JIJrQB7RzMCjElJj-rJ7AxDWk60=441">
<span>
<strong>Syzkaller (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Syzkaller is a coverage-guided kernel fuzzer that finds bugs across various operating systems, including Linux and Windows. Originally written for Linux, it now supports other OS kernels. It is developed by Google but is not an official Google product.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FMHaggis%2FADTrapper%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/Co07nHrI8q2RXuAnhxX1ISXeTIcaR0PmnYro7-Fdhd0=441">
<span>
<strong>ADTrapper (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
ADTrapper is a comprehensive security analysis platform designed for cybersecurity professionals to analyze Windows AD authentication logs.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F20%2Fuk_gambling_comission_criticizes_meta%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/EPQMnFro4PE-ZK4I_6J1fLiNzhGcUKA5Ods31jU6Mdc=441">
<span>
<strong>UK gambling regulator accuses Meta of lying about its struggle to spot illegal ads (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The UK Gambling Commission's executive director accused Meta of knowingly allowing illegal gambling advertisements, noting that its own searchable ad library reveals operators using keywords like "not on Gamstop" to target vulnerable users. Meta suggested the regulator deploy AI tools to find and report these ads rather than proactively policing its own platform. The commission's executive director described Meta's ad library as "a window into criminality" and said the company appears "happy to turn a blind eye and continue taking money from criminals."
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fnorth-korea-linked-hackers-target.html%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/UqRkBbTTftPZCYF19EnyKwiqVKZ8mjpFdOQYCiU8kyg=441">
<span>
<strong>North Korea-Linked Hackers Target Developers via Malicious VS Code Projects (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
North Korean operators are posing as recruiters and sending developers fake coding tests that require cloning malicious Git repositories into VS Code. Once the project is opened and trusted, malicious tasks.json configurations fetch obfuscated JavaScript payloads from Vercel to install backdoors such as BeaverTail and InvisibleFerret, enabling remote code execution, keylogging, data theft, and crypto mining.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.miggo.io%2Fpost%2Fweaponizing-calendar-invites-a-semantic-attack-on-google-gemini%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/eOCKoHiqWMq5ytf3n3zCJH6I2PUJVZ-R2Ye-N8gSB8I=441">
<span>
<strong>Weaponizing Calendar Invites: A Semantic Attack on Google Gemini (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A seemingly normal calendar invite hides a natural-language payload in the event description, which Gemini processes when a user later asks about their schedule. This triggers Gemini to summarize private meetings, write the summary into a new event visible to the attacker, and reply with a harmless message.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FiGLwIP/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/mA9OoCElQmwmSU1-LThQ6CccuKW04cBPMcdYow1UlrE=441">
<span>
<strong>ChatGPT Health Raises Big Security, Safety Concerns (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OpenAI's ChatGPT Health product raises data privacy concerns by enabling medical record integration and third-party sharing without confirmed end-to-end encryption or HIPAA protections, and notably excludes regions with stricter data regulations, such as the EEA and the UK.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F19%2Fcopper_chief_cops_it_after%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/wR3oDodaEcsfJPO1S5Aly-tjgiWASZsznzC0S1n8Rpw=441">
<span>
<strong>Cop cops it after Copilot cops out: West Midlands police chief quits over AI hallucination (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The West Midlands Police chief constable retired after the force used Microsoft Copilot's fabricated report about a non-existent football match to justify banning Israeli fans, highlighting the risks of AI hallucinations in law enforcement decision-making.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F19%2Fhigham_lane_school_reopens%2F%3Futm_source=tldrinfosec/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/JaqKJb8icK1ay9cpSd4oL8dXfH7pHEh93OfCnt2_FvQ=441">
<span>
<strong>Warwickshire school to reopen after cyberattack crippled IT (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A Warwickshire secondary school is reopening after a severe cyberattack disabled critical IT and safety systems, including gates, fire alarms, registers, phones, and internet.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/F605Pn8QtVTCClQZviftYPmN4zt3dugpLGP72DJMVvg=441"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/vPAJzQUIf19fg0EEOhmRtjCEGvtXfL025OVP2j8SgF4=441"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019be0e1176c-966b7534-2a52-4343-9abf-f2f157262860-000000/3ZuRGN3ar5uknmfVBXQWVpTCVeSHChvk2lwSuCtVH1Q=441"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>