<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-02</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F2KRD4q/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/Uar4pwMZqJ_xDuq-ZicjyMXJFN6EgAbEqrqnW13TrLc=442">
<span>
<strong>eScan confirms update server breached to push malicious update (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
MicroWorld Technologies confirmed that unauthorized access to a regional eScan antivirus update server resulted in malicious updates being distributed to customers during a two-hour window on January 20, deploying a modified "Reload.exe" file signed with what appears to be eScan's certificate. An analysis revealed that the malware established persistence through scheduled tasks named "CorelDefrag", modified Windows HOSTS files to prevent legitimate updates, and connected to multiple C2 servers to download the CONSCTLX.exe backdoor as the final payload. eScan isolated the compromised infrastructure within hours, rotated credentials, and released a remediation update for affected customers, though the company disputed claims about the discovery timeline and customer notification efforts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FHfyIqx/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/3HTHKLw4p91lIAPvJoiJDsLOJ3mHnfv6LhH-GKQCTSI=442">
<span>
<strong>Thousands more Oregon residents learn their health data was stolen in TriZetto breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A 2024 cyberattack on TriZetto Provider Solutions exposed protected health information and personal data for more than 700,000 patients across multiple US states, and the breach was not detected until nearly a year later. Oregon clinics are now notifying thousands of affected patients, while the owner, Cognizant, faces multiple class action lawsuits despite claiming the threat was swiftly contained and that no ransom was involved.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fl6hr0V/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/ZJmgcWGkjbY8Tsml0ILiB0VRmenSa7OvwyINpf54a2E=442">
<span>
<strong>Fake Clawdbot VS Code Extension Installs ScreenConnect RAT (18 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Aikido Security discovered a trojanized "ClawdBot Agent" VS Code extension impersonating the viral AI assistant Clawdbot, which deploys weaponized ConnectWise ScreenConnect software (Code.exe) configured to connect to attacker infrastructure. Microsoft quickly removed the extension after disclosure. The malware features sophisticated, multi-layered payload delivery. The attack demonstrates advanced evasion through functional AI features to avoid suspicion, process camouflage using legitimate VS Code executable names, DLL sideloading with anti-analysis timing checks, and quadruple impersonation layers that successfully weaponize trusted remote administration software.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.lesswrong.com%2Fposts%2F7aJwgbMEiKq5egQbd%2Fai-found-12-of-12-openssl-zero-days-while-curl-cancelled-its%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/pdXr4mrGazXipqrT6944UEYrByzlSS-1ZpT1XbvgfpY=442">
<span>
<strong>AI found 12 of 12 OpenSSL zero-days (while curl cancelled its bug bounty) (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AISLE's AI system discovered all 12 zero-day vulnerabilities in OpenSSL's January 2026 security release, marking the first real-world demonstration of AI-based vulnerability discovery at industrial scale. The findings span multiple subsystems and include vulnerabilities that remained undetected for up to 27 years, bringing AISLE's total to 13 of 14 CVE-2025-* vulnerabilities discovered in OpenSSL plus 5 genuine CVEs in curl. This achievement contrasts sharply with curl's cancellation of its bug bounty program due to overwhelming AI-generated spam, illustrating how AI simultaneously collapses median submission quality while raising the ceiling for sophisticated vulnerability discovery in critical infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Frussian-cyberthreat-2026-winter-olympics%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/LXX1ngtbLn_Bm33SjHu3LDKtP6zqNpbVl2rJoZVOp-Q=442">
<span>
<strong>Understanding the Russian Cyber Threat to the 2026 Winter Olympics (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Russia's exclusion from the 2026 Winter Olympics removes critical geopolitical deterrents. The threat model has shifted from espionage to disruption, with potential attacks including destructive malware targeting operational technology, exploitation of Smart Road SS51 Alemagna's V2X infrastructure to hijack Variable Message Signs, and AI-amplified hybrid attacks combining cyber disruptions with high-fidelity deepfakes to transform technical outages into public safety crises. Defenders should prioritize zero-trust visibility with anomaly detection for IoT devices, implement micro-segmentation to prevent lateral movement from compromised edge devices, and deploy content provenance measures to verify legitimate communications against AI-generated content.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fheilancoos.github.io%2Fresearch%2F2025%2F12%2F16%2Fkubernetes.html%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/qMJ-nENDmp_zCiZISRyTeAIayGVNZeI26ejJRV2VZ9I=442">
<span>
<strong>A Brief Deep Dive into Attacking and Defending Kubernetes (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Kubernetes vulnerabilities can be divided into four key categories: pod weaknesses, identity and access mechanisms, cluster configuration components, and control plane entry points. This post provides a deep dive into several specific attack areas, including overly permissive RBAC, service account token abuse, malicious admission controllers, writable volume mounts, unauthorized access to etcd, and Kubernetes golden tickets. Each section includes an explanation of the attack vector, possible defenses, and a Falco rule to detect the attack.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Faisy.ai%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/xOrKuUwNfiKXaGD5fgKKKDEeoBoT8sclzI61jMS54mw=442">
<span>
<strong>Aisy (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Aisy provides an AI-assisted vulnerability management platform that maps infrastructure like an attacker, ingests tickets from existing tools, and surfaces chained, high-impact vulnerabilities so security teams can prioritize and remediate the most critical risks first.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FSecObserve%2FSecObserve%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/_gcBFUbvcIHh3Eo_rzSZeRf_3Rml3vwj_nBghpMHcbs=442">
<span>
<strong>SecObserve (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SecObserve is an open source vulnerability management system for software development teams that supports a variety of open source vulnerability scanners. It integrates easily into CI/CD pipelines.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FAntonlovesdnb%2FSysmonConfigPusher2%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/PG6sBX9vGQHIOHcYdv1wl3bORX27U5rwv2iYww_XJ3g=442">
<span>
<strong>SysmonConfigPusher v2 (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
SysmonConfigPusher v2 is a web-based tool for managing Sysmon configurations across Windows endpoints using agentless or agent-based deployment.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fgrok-undressed-victims-file-class-action-lawsuit-against-xai-elon-musk%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/qiALmKK1vjoQpE0bqh15K_oL3vboid-Uz06-B6Zqplg=442">
<span>
<strong>Undressed victims file class action lawsuit against xAI for Grok deepfakes (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
At least 100 victims filed a class action lawsuit against xAI, alleging that Grok generated 4.4 million images over nine days, including at least 1.8 million non-consensual sexualized deepfakes of women, men, and children, posted publicly on X. The lawsuit claims that xAI executives knowingly failed to implement industry-standard safeguards and instead encouraged users to create "nudified" content through features such as tagging handles to manipulate photos and a "spicy" option for generating controversial content. The case adds to mounting legal pressure on xAI and Musk: 35 State Attorneys General have expressed "deep concern," and formal investigations have been opened by the EU, UK, South Korea, Canada, and Brazil, while US federal agencies remain silent.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fus-convicts-ex-google-engineer-for-sending-ai-tech-data-to-china%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/Ij8znESQoeWuEMCfPZRjJ50n0MW4KyBO8QOSKi7rflI=442">
<span>
<strong>U.S. convicts ex-Google engineer for sending AI tech data to China (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Former Google software engineer Linwei Ding was convicted on seven counts of economic espionage and seven counts of trade secret theft for stealing over 2,000 pages of confidential AI materials between May 2022 and April 2023, including Google's AI supercomputing infrastructure, proprietary TPU/GPU systems, orchestration software, and SmartNIC networking technology. Ding is secretly affiliated with two China-based technology companies. He had a colleague scan his badge to falsely indicate his presence while traveling to China. The case highlights insider threat risks, as Ding stated his goal was to help China achieve computing infrastructure capabilities on par with international levels. Each conviction carries a maximum sentence of 10-15 years.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FACdGcu/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/FRI2cpmSim235hLLcgbAo1IgBirO-_P2RMtuT97ge9k=442">
<span>
<strong>OpenClaw AI Runs Wild in Business Environments (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OpenClaw, a widely popular open-source AI agent, is rapidly gaining adoption across enterprises, integrating with email, messaging, and system tools, creating powerful non-human identities with broad access. Experts warn that its “vibe-coded” development, supply chain exposure, and susceptibility to prompt injection form a “lethal trifecta” of risk.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F01%2F30%2Finformant-told-fbi-that-jeffrey-epstein-had-a-personal-hacker%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/O__KqHsIYJMuSgHxaUDqW7P0sgmqmy-jlLeWhpC6DhI=442">
<span>
<strong>Informant told FBI that Jeffrey Epstein had a ‘personal hacker’ (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A 2017 confidential source told the FBI that Jeffrey Epstein employed an Italian hacker from Calabria who specialized in finding vulnerabilities in iOS, BlackBerry, and Firefox, developing and selling zero-day exploits and offensive cyber tools to multiple governments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgobrane.com%2Fwp-content%2Fuploads%2F2026%2F02%2Fmain.pdf%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/1Lj67C6_Uoc1YAbielghffw5uiKcaplqnu0vegqnBMk=442">
<span>
<strong>OpenClaw Observatory Report #1: Adversarial Agent Interaction & Defense Protocols (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This report stages a Red Team vs Blue Team experiment between two autonomous agents to probe three key risks - Access, Exposure, and Agency - to understand how the agents work and think.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fexposed-mongodb-instances-still-targeted-in-data-extortion-attacks%2F%3Futm_source=tldrinfosec/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/SuugGy_QauAU25FcmYvh3SyqzV1u6BZg2EnxlM8h05Y=442">
<span>
<strong>Exposed MongoDB instances still targeted in data extortion attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Automated data extortion attacks compromised approximately 1,400 misconfigured MongoDB instances accessible without authentication.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/MYkveR1SuMNFAqdfFLDQgdeb5DPj67KvHxqM9Gc2qpM=442"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/pKsOZJmzqrXuKm1l_ITJnOHIFzgJmv5AMHTp0seUM9M=442"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c1eaddc05-347e59f3-65db-495f-9764-a99037ac9486-000000/hFjGfN3o7eI2GAO6ZHfNpWPYdZFUvsglmqd2uhB2SwQ=442"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>