<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Researchers from CheckPoint have discovered a new malicious campaign from the North Korean Konni hackers. The attack begins with a Discord link β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/cAa6EZDKW4guw-GAyAwMg0eowv4zt-PYcLO5wHkrnsU=441" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/Mni4t1vYnbCqj-SV8WxDJpV4iZI-cVk7GUu9Pe-GxGo=441" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=5721a1d4-fb64-11f0-94b0-d1cfb5e2872d%26pt=campaign%26t=1769522833%26s=777dde72c97454b33da1e7773dafd02b1a6401e4ebb19df1c6057e27d6262f42/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/TlnlHpBBEPWdG6yZxnkNYH8BYJ4GEM9NCSa9JljJTX0=441"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fresources%2Femail-threat-research-report-2026%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=report/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/xHIcPHetgv6h_Brok7eL4Q1LAcdKGE_F47s76FqLWc0=441"><img src="https://images.tldr.tech/sublime.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Sublime Security"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-01-27</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fresources%2Femail-threat-research-report-2026%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=report/2/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/N73BovlKH75GuKQjKG5lfiADitpmviQ2hrZiF7NuVpo=441">
<span>
<strong>Sublime Security 2026 Email Threat Research Report (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Email threats evolved quickly in 2025, and security teams felt the impact. Sublime Security's <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fresources%2Femail-threat-research-report-2026%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=report/3/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/hpXaAC9XwZfkXHiTVrcOAupyeQtF-4_unFRK97PeETw=441" rel="noopener noreferrer nofollow" target="_blank"><span><strong>2026 Email Threat Research Report</strong></span></a> analyzes real-world email attacks across organizations of all sizes to reveal what actually changed and why it matters.
<p></p>
<p>Inside the report:</p>
<p>β’ Thread hijacking now appears in over 28% of BEC attacks</p>
<p>β’ Malicious QR codes increased 280% in the second half of 2025</p>
<p>β’ ICS phishing, email bombs, and service abuse continue to rise</p>
<p>The report also examines evasion techniques and offers practical guidance for defending email in 2026.</p>
<p>π <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsublime.security%2Fresources%2Femail-threat-research-report-2026%3Futm_source=tldr%26utm_medium=content-synd%26utm_campaign=report/4/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/qOI6UQb9qsIa47l-whEQDbLCE4NrFEAyEZ_KwKDQomY=441" rel="noopener noreferrer nofollow" target="_blank"><span>Download the report</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4117730%2Fpalo-alto-networks-patches-firewalls-after-discovery-of-a-new-denial-of-service-flaw-2.html%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/C1XJ6WwY7p2oQQio9wxeZnr2maNAOuNFxmWGaqfWFCE=441">
<span>
<strong>Palo Alto Networks patches firewalls after discovery of a new denial-of-service flaw (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Palo Alto Networks has patched CVE-2026-0227 (CVSS 7.7), a high-severity DoS vulnerability in PAN-OS affecting firewalls with GlobalProtect gateway or portal enabled that allows unauthenticated attackers to force devices into maintenance mode. A PoC already exists, and the flaw mirrors CVE-2024-3393 from late 2024, which was exploited as a zero-day before patches were available. Organizations running PAN-OS versions 10.2 through 12.1 with GlobalProtect enabled should apply patches immediately, while most Prisma Access customers have already been automatically updated.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthecontractor.io%2Fsynology-dsm-7-3-2%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/9k-JM-G4dY71QLOFxY_diQJldqehXM9aAKl3eAHXnvI=441">
<span>
<strong>Synology DSM 7.3.2 (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A local privilege escalation vulnerability chain in Synology DSM 7.3.2-86009 allows any authenticated user with shell access to gain root when DownloadStation with BitTorrent is enabled. The exploit chains three misconfigurations: a world-writable Transmission RPC socket running as root, a world-writable /volume1/@eaDir/ system directory, and a missing nosuid mount flag on /volume1, enabling attackers to configure Transmission's script-torrent-done-filename to execute arbitrary payloads as root upon torrent completion. A full PoC is available, and the vulnerability has been reported to Synology PSIRT.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fkonni-hackers-target-blockchain-engineers-with-ai-built-malware%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/_qKB0vV9fz1Cc_NYNMtnr6u5e-wwvOEL_WlWUCXiCK0=441">
<span>
<strong>Konni Hackers Target Blockchain Engineers With AI-Built Malware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Researchers from CheckPoint have discovered a new malicious campaign from the North Korean Konni hackers. The attack begins with a Discord link that downloads a zip archive containing a lure document and two batch files which downloads a PowerShell backdoor and then deletes other signs of infection. Notably, the malware contains signs of it being AI-generated, such as comments with variable placeholders.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhybrid-analysis.blogspot.com%2F2026%2F01%2Forganized-traffer-gang-on-rise.html%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/EaF2t-F3KQHg-Q_tSU6y4TXNgwmkNtCq6xyrT4Z4Ax8=441">
<span>
<strong>Organized Traffer Gang on the Rise Targeting Web3 Employees and Crypto Holders (18 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Hybrid Analysis uncovered a sophisticated Russian-speaking Traffer operation targeting cryptocurrency users and Web3 employees through fake Electron applications disguised as AI productivity tools, meeting software, and gaming platforms, with documented earnings of at least $2.4 million. The campaign uses 80+ domains, elaborate fake company ecosystems with purchased social media accounts, and abused code-signing certificates to deliver second-stage payloads, with shared infrastructure suggesting links to the Marko Polo, CrazyEvil, and Wagmi Traffer groups. Security teams should monitor for the provided IOCs and exercise caution with unsolicited software downloads from Web3-themed applications, particularly those requiring invitation codes or tokens for access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbreakmeifyoucan.com%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/C1QD-07y2dPJqCe7mtT6CzglLriGI4-92gD94AscRdA=441">
<span>
<strong>Exploiting Keyspace Reduction and Relay Attacks in 3DES and AES-protected NFC Technologies (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Modern NFC cards used in hotel keys, tickets, and access systems can be attacked not by breaking 3DES or AES, but by abusing how keys and memory are handled after authentication. By relaying the legit readerβcard handshake and then partially overwriting key bytes, attackers can shrink the effective keyspace from astronomically large to something bruteβforceable with modest hardware. Weak or missing integrity checks, nonβatomic key writes, and flawed nonβNXP clone cards make it possible to recover full keys from one or a few tags, sometimes in under a minute. Proper key diversification, locking key pages, enabling CMAC/secure messaging, and migrating to stronger platforms like DESFire EV3 sharply reduce these risks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FHLBQGm/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/vQWVo_MqleZIW6KqkYOwt_7YReb5cg5TqKP5b3tw9F4=441">
<span>
<strong>Amazon CloudFront mTLS With Open-Source Serverless CA (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
AWS added support for CloudFront to use mTLS to require client certificates in requests at re:Invent 2025. This article walks through setting up CloudFront to use mTLS via an open-source serverless CA that the author developed. AWS should offer a standardized Trust Store, possibly in ACM, rather than having all services that support mTLS implement it separately.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FArcanum-Sec%2Fsec-context%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/ySXU67u_mRjdbCO-wkTrxUL53uobNC_Bd_wV0kLVfmA=441">
<span>
<strong>Sec-Context (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Comprehensive security anti-pattern reference distilled from 150+ sources designed for LLM consumption, addressing the 86% XSS failure rate and other critical vulnerabilities in AI-generated code. Provides two reference documents covering 25+ anti-patterns with pseudocode examples, Common Weakness Enumeration (CWE) references, and mitigation strategies optimized for use as system prompts, Retrieval-Augmented Generation (RAG) references, or dedicated security review agents.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FftcEDITON%2FWindows-Penetration-Tools%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/Ma38TvvUy4qhwyQAqCovBJOQHgW3hwUldIxDcQWqYFI=441">
<span>
<strong>Windows-Penetration-Tools (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A comprehensive Windows security toolkit written in C++ using MFC, designed for security researchers, penetration testers, and developers interested in Windows internals. This project demonstrates various security techniques, including DLL injection, process manipulation, privilege escalation, and system monitoring capabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.upwind.io%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/yAoFlv99sKjGliJ2ZXbFl25wbdQSKYWSAdBiFWAVTzQ=441">
<span>
<strong>Upwind (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Upwind provides a runtime-native CNAPP platform that gives deep visibility into cloud networks, APIs, and data flows, reducing alert noise and helping prioritize real risk.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Flogins-roblox-tiktok-netflix-crypto-wallets-found%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/O-Bh2TZ2NxDiAM9Gsxres0dzL57TlU9aIaZ7Vm-AP44=441">
<span>
<strong>149M Logins from Roblox, TikTok, Netflix, Crypto Wallets Found Online (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A security researcher discovered a 96GB database containing 149 million stolen credentials for services including Facebook (17M), Netflix (3.4M), Binance (420K), Gmail (48M), and government domains from multiple countries, exposed online without authentication. The data appeared to be collected via infostealer malware through an organized system with reversed labeling to sort by device and website. The database was actively growing during the month it took to get the hosting provider to take it offline. Users should enable MFA, use unique passwords via password managers, and monitor for credential exposure on services like Have I Been Pwned.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F01%2Fmalicious-vs-code-ai-extensions-with-15.html%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/bmr9IxliUuYzqaPJGCZNblhLcDIXmdtwLvJKmIUR6ek=441">
<span>
<strong>Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security firm Koi Security uncovered two popular AI-branded VS Code extensions that quietly exfiltrate every opened and edited file to China-based servers, while still functioning as legitimate coding assistants. They also support remote-triggered bulk exfiltration of up to 50 workspace files, fingerprint devices via embedded analytics SDKs, and are linked to a broader βMaliciousCorgiβ campaign alongside new PackageGate flaws in JavaScript package managers that weaken common supply chain defenses.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F23%2Ftiktok-users-freak-out-over-apps-immigration-status-collection-heres-what-it-means%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/8zVK2lE3teAGk5XLSpd4y4hWtM6GHEzHeFt94PjQ-5M=441">
<span>
<strong>TikTok Users Freak Out Over App's βImmigration Statusβ Collection - Here's What it Means (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
TikTok updated its privacy policy as part of its new ownership agreement, which triggered user notifications. Many users noted concerning amounts of sensitive data the app collects, such as precise location data and immigration status. TikTok has noted that this disclosure is required by laws such as California's CCPA.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="mailto:itcurator@tldr.tech?utm_source=tldrinfosec">
<span>
<strong>TLDR is hiring a Curator for TLDR IT! (TLDR Curator, ~5 hrs/week)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
We are launching a brand new newsletter covering IT and enterprise tech.<br>If you are an IT leader interested in writing for us, please send your resume or LinkedIn to <a class="c-link" href="mailto:itcurator@tldr.tech" rel="noopener noreferrer" target="_blank"><span>itcurator@tldr.tech</span></a>!
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fartificial-intelligence%2Fchatgpt-temporary-chat-feature-is-getting-a-much-needed-upgrade%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/3C8pc3s2ThQ5HpRbWliI0ItIkmgpKZDfMvHZ6eWwkjM=441">
<span>
<strong>ChatGPT Temporary chat feature is getting a much-needed upgrade (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
OpenAI is testing an upgrade to ChatGPT's temporary chat feature that allows users to retain personalization while still preventing the conversation from being saved to chat history or used for model training.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F01%2F26%2Fdata_thieves_claim_nike_data_haul%2F%3Futm_source=tldrinfosec/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/9QbNbjGekTTeIlVqJYIUVNoxODc_Fgk-ZnTiRjrBi1g=441">
<span>
<strong>Data thieves borrow Nike's 'Just Do It' mantra, claim they ran off with 1.4TB (2 minute read).</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
WorldLeaks claims to have stolen 1.4TB of internal Nike data, mainly design and manufacturing files rather than customer records.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FSVmWRa/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/AVgFYwl6zIOLaY_E0mJd4pUyYNqOKWM33ddOl-i19I0=441">
<span>
<strong>Apple C-series modem enables new privacy-focused limit precise location feature (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
iOS 26.3 introduces a new "limit precise location" setting for devices with Apple's C-series modem that obfuscates user location data from cellular carriers, reducing both third-party tracking and government surveillance capabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/SdcVYvNw35N0WXUppLBs_d_bbPjKxId8JuqBYnlLY64=441" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/J_EkNEFC-vmV3MUSi2aa9VqvSWtIK_LMbRWSvom5agM=441" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/W4NCipp6EC4sdbjvmZ4v8FSh6eGRz1sJOUj61bKLhhs=441"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/XoFQkDcs0wRF3Y5n1yaX4yaMNwcNV89NABZ8rJZUP4Y=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/5ConMJAxAbEM_0pFffH4LL9ZkgGBuGtxJMAb8j2SLVc=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/SSSei4sO62U_NTK77Pz-u5FZ6adE6I0Zpa9FTHZYbqA=441" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/3AcpjX7Z25KAg7fC2gS6V5b2wMgapoO9XpmRzf32uvk=441"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/xE1Ew4IF5bS0KnPtLIFyKMtkLVnepdBSUKIsOK0KDlk=441"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/3qoSw1HmkZ22hD80IIeKvo3G3BqSWIjK3cGZRMi9OM4=441"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/YtGdQUFOd5-Az4uYd0UKa4Bfmdwg_orz0xUfjNy4o-w=441">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=5721a1d4-fb64-11f0-94b0-d1cfb5e2872d%26pt=campaign%26pv=4%26spa=1769522512%26t=1769522833%26s=14e762be2124cac712c1802a6ec34cf5c105f17f89a4fefa4b1202d3265a66d6/1/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/9e9_VS0QrTBK4-oj47OcpVhF151MJLHLeivlmOvpjFc=441">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019bffc7a710-ba147cda-9baa-416c-9ea3-a1acd7c9c771-000000/G3QMJrLYLfeM3d7XlbXodAKc-bhSvvQ8F7OwjMu6o2Y=441" style="display: none; width: 1px; height: 1px;">
</body></html>