<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Have I Been Pwned added an alleged Under Armour breach attributed to the Everest ransomware group that exposed 72.7 million unique email addresses </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/usuzJjEBViYiMIBv3RfE8zGK-vqGsb3eTN0QQ889EdQ=441" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/XaSDW6k4fe5Sx9gVyJVTctcfVkX9uK1WUprDzXW3RFQ=441" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=48783b8e-f858-11f0-9ed9-33f8b93832ae%26pt=campaign%26t=1769177203%26s=d3ecc27c1fe17867accc18c61b33be6f872086ddd76cd82b6846ef63cd2903cd/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/QNTY2I3Z91IVxkeAsywrSHYpW6eryv0opE93_zOkwns=441"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-23</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberinsider.com%2Fhibp-adds-alleged-under-armour-data-breach-impacting-72-million-emails%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/OhonKCmo8HKwRBl3tcmFt3eXpkHRSDIOzYlbiyE8C_Y=441">
<span>
<strong>HIBP adds alleged Under Armour data breach impacting 72 million emails (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Have I Been Pwned added an alleged Under Armour breach attributed to the Everest ransomware group that exposed 72.7 million unique email addresses along with names, dates of birth, physical addresses, and purchase history from a 343GB exfiltration in November. The data was published after Under Armour reportedly did not pay the ransom, with the dataset now circulating on underground forums and indexed by DeHashed. Affected users should monitor for targeted phishing impersonating order-related communications and change reused passwords.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcisco-fixes-unified-communications-rce-zero-day-exploited-in-attacks%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/hhwGGt73CBUReMBKuib_ruHCrLnttOhfk7JOXfgmGFg=441">
<span>
<strong>Cisco Fixes Unified Communications RCE Zero-Day Exploited In Attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Cisco has announced a new vulnerability impacting United Communications, Cisco Unity Connection, and Webex Calling Dedicated Instance. The vulnerability is due to improper validation of user-supplied input in HTTP requests that could allow an attacker to obtain access to the underlying system via a sequence of specially crafted HTTP requests. The patches are version-specific, so admins should check the README before applying patches.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-exploit-security-testing-apps-to-breach-fortune-500-firms%2Famp%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/9Lj7ZsDyFyJwPirOqrWNHNx_M8exMp0_auwBRuMP7Cw=441">
<span>
<strong>Hackers Exploit Security Testing Apps to Breach Fortune 500 Firms (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Automated pentest company Pentera discovered nearly 2K instances of exposed security testing apps, such as OWASP Juice Shop and DVWA, publicly exposed in the networks of Fortune 500 companies. Many of these web apps are used for security training and are deployed in cloud environments with overly permissive IAM roles and default credentials. Pentera found evidence that 20% of exposed DVWA apps had malicious artifacts such as webshells and cryptominers deployed.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fstackoverflow.blog%2F2026%2F01%2F21%2Fis-that-allowed-authentication-and-authorization-in-model-context-protocol%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/ELmLj_ZkiEJ39uNZ_VA2B1jZBrVhS_hNH_6L6i0O_dk=441">
<span>
<strong>Is that allowed? Authentication and authorization in Model Context Protocol (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Remote MCP servers should implement the OAuth 2.1 Authorization Code grant with PKCE for client authentication, leveraging protected resource metadata (RFC 9728) and authorization server discovery (RFC 8414) for the handshake. The 2025-11-25 MCP specification introduces step-up authorization for scope negotiation and recommends Token Exchange for downstream service authentication, while explicitly prohibiting token passthrough. Organizations deploying MCP servers should design granular scopes with clear read/write/delete separation, ensure short-lived access tokens, and implement proper validation, including checks for issuer, audience, and expiration.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4119130%2Fvulnerability-prioritization-beyond-the-cvss-number.html%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/VM4BzTNE6bigTlDy45yr6sdgXHwqOVkQLhDSFTv_6o0=441">
<span>
<strong>Vulnerability prioritization beyond the CVSS number (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CVSS scores alone fail to capture how vulnerabilities propagate through interconnected systems. Log4Shell is an example in which widespread nested dependencies, not just technical severity-driven impact, are at play. The Unified Linkage Model (ULM) framework evaluates vulnerabilities based on adjacency, inheritance, and trust relationships to identify "blast radius multipliers," such as SSO services or CI/CD pipelines. Security teams should map system dependencies and prioritize patching vulnerabilities near identity systems and shared services that can amplify downstream risk.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fallan.reyes.sh%2Fposts%2Fkeeping-secrets-out-of-logs%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/bw1s9IHQCVdOUZpPNoGYfbyxMdau_QO9VjmmJtj-f3M=441">
<span>
<strong>Keeping Secrets Out of Logs (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Secrets often end up in logs from a variety of sources, such as forgotten debugging lines, excessive error logging, and telemetry. Some fixes include architecting to reduce logging sinks, using domain primitives to abstract secrets, using read-once objects, using log preprocessors, adding unit tests, and implementing taint tracking. To prepare for a logging overhaul, teams should first lay the foundations of the initiative, understand the data flow, protect data at choke points, apply defense-in-depth, and plan for response and recovery in the event of leaked secrets.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.datadoghq.com%2Fevent%2Fcloudsecurity-livestream%2F%3Futm_source=tldrnewsletter%26utm_medium=newsletter%26utm_campaign=dg-security-ww-cloudsec-livestream-infosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/ZBc3FKyRvj9Yw-geWarxGBlzWPDGIoMkWyHIKnjSlFo=441">
<span>
<strong>Most orgs are (still) getting cloud security wrong (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
59% of AWS IAM users have access keys older than one year, and common cloud misconfigurations continue to create easy breach paths. On January 27, Datadog is hosting <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.datadoghq.com%2Fevent%2Fcloudsecurity-livestream%2F%3Futm_source=tldrnewsletter%26utm_medium=newsletter%26utm_campaign=dg-security-ww-cloudsec-livestream-infosec/2/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/tafa8s-wtgrHdrRz8kC8DCaUV29a18vsCObs3bXkTVI=441" rel="noopener noreferrer nofollow" target="_blank"><span>a live webinar</span></a> to discuss the State of Cloud Security, based on security posture data from thousands of cloud orgs. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.datadoghq.com%2Fevent%2Fcloudsecurity-livestream%2F%3Futm_source=tldrnewsletter%26utm_medium=newsletter%26utm_campaign=dg-security-ww-cloudsec-livestream-infosec/3/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/L4E1nmj38WZ4-OF8kyvGW8KWuQBhSFgaqxkSEZViRWI=441" rel="noopener noreferrer nofollow" target="_blank"><span>Join the live discussion + Q&A</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F7Pd831/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/8koe8aZ5LcEdDvNyif8F9hkto1uPzgsjakZV3aj5wys=441">
<span>
<strong>MITRE Launches New Security Framework for Embedded Systems (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The Embedded Systems Threat Matrix (ESTM) 3.0 is an ATT&CK-inspired framework that categorizes attack tactics and techniques specific to hardware and firmware environments. The framework supports cyber threat modeling and attack path analysis for industries including energy, robotics, industrial controls, transportation, and healthcare, and integrates with the EMB3D Threat Model. Security teams protecting embedded systems should evaluate ESTM to identify vulnerabilities in their embedded architectures.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpathfinding.cloud%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/PddDXFCJCNSR-duIHkkMVTcbcMPcnkADuImUCbsvnNI=441">
<span>
<strong>Pathfinding.cloud (Web App)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Pathfinding.cloud is a web app from DataDog that collects tools and guides to detect IAM-based privilege-escalation attacks in AWS.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FHotCakeX%2FHarden-Windows-Security%2Fwiki%2FAppControl-Manager%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/X0VtCGbxC4KFw-jsqgPORz6MVxPSJan6Ar6h22UIRcs=441">
<span>
<strong>AppControl Manager (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AppControl Manager provides a GUI to manage App Control and Code Integrity on your local or remote devices.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmitchellh.com%2Fwriting%2Ftripwire%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/DPqIvI5UXlimwHq2zw1fTFzu_0f4X5Qee-fp_M04Mmk=441">
<span>
<strong>Don't Trip[wire] Yourself: Testing Error Recovery in Zig (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Tripwire is a Zig library for injecting failures at named points in code to test `errdefer` error handling paths, which are typically untested and a consistent source of resource leaks and memory corruption. The library uses comptime to completely optimize away in non-test builds, producing zero runtime cost in production. Integration into Ghostty immediately uncovered approximately six `errdefer` bugs that had never manifested in production.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.vulncheck.com%2Fblog%2Fstate-of-exploitation-2026%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/NBG3c0nCUimpgC7-n7nWjbjncmEEn-Fr-rmYM6eZiv0=441">
<span>
<strong>VulnCheck State of Exploitation 2026 (9 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
VulnCheck identified 884 Known Exploited Vulnerabilities in 2025, with 28.96% exploited on or before CVE publication, up from 23.6% in 2024, highlighting the continued prevalence of zero-day and rapid n-day exploitation. Network edge devices such as firewalls, VPNs, and proxies were the most targeted technologies, followed by content management systems and open source software. Organizations should prioritize the timely remediation of newly disclosed vulnerabilities affecting internet-facing infrastructure while maintaining visibility beyond CISA KEV through additional exploitation intelligence sources.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fshehackspurple.ca%2F2025%2F11%2F27%2Fthe-psychology-of-bad-code%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/mBfjrBosydzpLuOz6LDcngBqqzQ_fqhEBmouWriHkmo=441">
<span>
<strong>The Psychology of Bad Code (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This post is the first part of a series that applies behavioral economics to developer processes. Developers want to write secure code but are often overwhelmed by competing priorities. Security teams should design technical nudges, shift incentives, and push for cultural changes to help developers write secure code.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="mailto:itcurator@tldr.tech?utm_source=tldrinfosec">
<span>
<strong>TLDR is hiring a Curator for TLDR IT! (TLDR Curator, ~5 hrs/week)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
We are launching a brand new newsletter covering IT and enterprise tech.<br>If you are an IT leader interested in writing for us, please send your resume or LinkedIn to <a class="c-link" href="mailto:itcurator@tldr.tech" rel="noopener noreferrer" target="_blank"><span>itcurator@tldr.tech</span></a>!
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwinbuzzer.com%2F2026%2F01%2F22%2Fgoogle-rolls-out-ai-detection-and-ransomware-defenses-for-schools-xcxwbn%2F%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/cnpbWRZixbmpL3009uv7i5cFS57FvDkWKQYVU7f8yjg=441">
<span>
<strong>Google Rolls Out AI Detection and Ransomware Defenses for Schools (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google expanded its SecOps data connector to Education Plus and Education Standard tiers, adding AI detection tools and ransomware defenses amid reports that 82% of K-12 organizations experienced cyber threats in the past 18 months.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsansec.io%2Fresearch%2Fclaude-finds-353-zero-days-packagist%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/1PXcTrOrC6b1mUklo-dfHUPM5cEMwXEQqODkCa-iTJg=441">
<span>
<strong>Claude finds 353 zero-days on Packagist (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Sansec's AI-powered security pipeline using Claude Opus 4.5 discovered 353 confirmed zero-day vulnerabilities across 5,000 Magento extensions on Packagist, including RCE, SQL injection, and authentication bypass flaws affecting packages with 5.9 million total downloads.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.zerodayinitiative.com%2Fblog%2F2026%2F1%2F22%2Fpwn2own-automotive-2026-day-two-results%3Futm_source=tldrinfosec/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/8LU4BC_WwK1saCCKbCCBqU9aE62TMDM9L2xqbqAU_4o=441">
<span>
<strong>Pwn2Own Automotive 2026 - Day Two Results (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Day Two of Pwn2Own Automotive 2026 awarded $439,250 for 29 unique zero-day vulnerabilities across EV chargers and in-vehicle infotainment systems, bringing the event total to $955,750 and 66 vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/RQxo8U1M8nNS8Y620fcOlpK_pCZOx7AB-u7Jt1JkIj8=441" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/J-1yTbsHQIt-eWkRxFiIxtn9SM4qQ9lJfdS_CYtS1BU=441" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/6FjR0PlaPf6Yy4RDWLVdLot-QuIN127O8WjdV4u-gMc=441"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/b_g1jB7XGL26rP87dP3RqY42I6-zjHsZ811MK3rU_KA=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/vBmYYlx_o49Z7us40n7C3xyDjtQUl83kARCVCpAq18M=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/4bXJVGRRo4J_nGYcTt31FZX5IHzcumiYkSzWIe82qcI=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/LUR6e9n2GRkx5jn0CZi3Nlfo6sAGeiMHIknz7oHAhXE=441"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/UiVqTkzs9Ejfr73T6S8N5uwB4qxU5xdSLYivldzpiqk=441"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/TjrLn_0kl5gDjmRnyBb7hlieut9qlq4N3Gc9uxAn098=441"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/GpDtiRrrcLxAlqSeuJfQvSFKgOCkTckHb3_pZy7zFms=441">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=48783b8e-f858-11f0-9ed9-33f8b93832ae%26pt=campaign%26pv=4%26spa=1769176887%26t=1769177203%26s=7f6349c5c2c0c7fff94abef5071ff65aade19bd778f6852bab3b90797ed6f206/1/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/aTmkCH0R2BHXf_HnoDejhK2XQCbmfSrPbeQAIzkbAmQ=441">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019beb2dc3b6-5913cc3c-04bd-4915-91c1-14220d83d270-000000/GFMJlwCVZl2Jgh_oThyCOnCRFLuCBy2R3dN61Lo4W2s=441" style="display: none; width: 1px; height: 1px;">
</body></html>