<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-04</span></strong></h1>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;"></span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FnGzSDc/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/5yveWP5SEEwUzf2fLKCQr5pmtzNalXTQGG01jL3Io0Y=443">
<span>
<strong>Hackers Leak 5.1 Million Panera Bread Records (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Extortion group ShinyHunters stole roughly 14 million records from Panera Bread by compromising a Microsoft Entra SSO code, then leaked a 760GB archive after failed ransom demands. The dump includes 5.1 million unique customer email addresses, along with names, addresses, and phone numbers, creating significant downstream risk of phishing, credential stuffing, and identity-based attacks that can extend far beyond Panera's ecosystem.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FtcZDHG/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/OPiOC1vjw1fOr1y4cUipci7AybrcuY56KPd2U0wFLlI=443">
<span>
<strong>New GlassWorm Attack Targets macOS via Compromised OpenVSX Extensions (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers at Socket Security identified a new set of compromised packages on the OpenVSX marketplace that appear to be infected with the GlassWorm malware. The malware targets macOS users and harvests data from browsers, wallet extensions and wallet apps, macOS keychains, Apple Notes databases, Safari cookies, developer secrets, and documents from the local filesystem. The researchers note that the extensions operated legitimately for two years prior to infection, so it is possible that the developer was compromised.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F4gRs9P/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/82HEk9049lExw5sItt0hsX73WkVL9H__8HHiEG2CJFs=443">
<span>
<strong>Researcher Reveals Evidence of Private Instagram Profiles Leaking Photos (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A security researcher discovered a vulnerability in Instagram that exposed links to private photos and captions in the HTML source code of some private profiles. The researcher found that, in their testing, 28% of the accounts they created or had access to exhibited this issue. Meta responded to the researcher, stating that the issue was caused by a CDN caching problem and has been fixed, but the researcher contends that it's a backend authorization issue.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fshehackspurple.ca%2F2025%2F11%2F21%2Fhow-to-get-your-first-job-in-cybersecurity%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/kT36G0LCuY7hZgXRfOIeFGE11OJendGc_fdb61pCnUk=443">
<span>
<strong>How To Get Your First Job in Cybersecurity (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Job seekers looking to transition to cybersecurity should begin by identifying the role that is right for them, finding a career mentor to guide them, joining learning communities, and developing the required skills. They should then build their online presence and experience by volunteering with the security team at their current job, telling their network about their career transition, building an online portfolio, and polishing their LinkedIn profile. Finally, it's time to apply for the job and prepare for interviews.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fai%2F2026%2F02%2Fthe-rise-of-moltbook-suggests-viral-ai-prompts-may-be-the-next-big-security-threat%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/wGq2Ah5DAssbzqKcRAhxIVfAwSX8OVL6X1yBk6mqnxs=443">
<span>
<strong>The rise of Moltbook suggests viral AI prompts may be the next big security threat (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Self-replicating “prompt worms” are emerging as a serious security risk as OpenClaw's autonomous AI agents interact on Moltbook, install unvetted skills, and access private data. Researchers have already found hidden prompt-injection attacks, leaked API keys, and misconfigured databases that could allow attackers to silently execute malicious instructions. With more capable local models coming, today's OpenClaw ecosystem looks like a high-stakes dry run for much larger, harder-to-stop AI agent outbreaks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.doyensec.com%2F2026%2F02%2F03%2Foutline-audit-q32025.html%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/9H-dMpl-tvt6uzFwmlmwgC0Ll5U18yEawmM4NfZgvW8=443">
<span>
<strong>Auditing Outline: Lessons from Manual vs AI Security Testing (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This post shares results from a 60-day audit of Outline's open-source wiki, uncovering seven vulnerabilities ranging from SSRF and CSRF to insecure design and an IDOR in event logging. The authors highlight strong baseline security in Outline's API design, but also note that subtle framework behaviors and outdated dependencies led to real-world issues, including a potential admin account takeover. One finding was uniquely caught by an AI security platform, yet most AI-reported issues were persuasive false positives that consumed 40 hours of validation. The conclusion emphasizes that AI tools are promising assistants, but human expertise remains essential for high-quality security reviews.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FRainbowDynamix%2FGhostKatz%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/6WMIHIOIqxdzmEtaYoz7pwIGPS2pLf3hYhq4aeQJ42I=443">
<span>
<strong>GhostKatz (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GhostKatz extracts LSASS credentials directly from physical memory by abusing signed vulnerable kernel drivers with `MmMapIoSpace` read primitives, bypassing traditional user-mode detection mechanisms like EDR hooks on LSASS. Designed as a modular Cobalt Strike BOF, it currently ships with exploits for Toshiba TPwSav and TechPowerUp ThrottleStop drivers and supports extensibility for custom driver research via `utils.c`. Tested across Windows 10, Server 2012 R2 through 2022, the tool supports both logonpasswords and wdigest credential dumping modes, though operators should note the inherent BSOD risk when leveraging vulnerable kernel drivers in production environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.rapidfort.com%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/6cag5ojZD9QEV-Z5JrTDb8LAxJ9_I3VsRorSMfgRROo=443">
<span>
<strong>RapidFort (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
RapidFort provides an automated software supply chain security platform that analyzes and hardens containers, eliminates unused and vulnerable components, and delivers curated, near-zero-CVE base images to reduce attack surface before production deployment.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FCodeXTF2%2FOpenMalleableC2%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/n1q9K2ex87HdNNQSn-ES-_bM2zh16pv5QO7CfdyZdQc=443">
<span>
<strong>OpenMalleableC2 (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OpenMalleableC2 is a framework-agnostic library that implements Cobalt Strike's Malleable C2 profile for HTTP transformations.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;"></span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.cryptographyengineering.com%2F2026%2F02%2F02%2Fwhatsapp-encryption-a-lawsuit-and-a-lot-of-noise%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/fajdGSs_LGFnaTp-cIhEUHZFEyw2kJYm5FtGeVl0vBo=443">
<span>
<strong>WhatsApp Encryption, a Lawsuit, and a Lot of Noise (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Cryptographer Matthew Green analyzes a class action lawsuit alleging Meta can secretly read all WhatsApp messages, concluding the claims lack solid evidence and that mass-scale decryption backdoors would be detectable through reverse engineering of the closed-source client app. While acknowledging legitimate privacy concerns around WhatsApp's metadata collection, backup encryption complexity, and new AI-powered "Private Processing" features, Green argues these known limitations are far removed from the deliberate universal plaintext access alleged in the complaint. Security professionals who remain uncomfortable trusting WhatsApp's closed-source implementation are advised to use Signal, which offers open-source code and reproducible builds for independent verification.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F02%2Fdocker-fixes-critical-ask-gordon-ai.html%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/cR7vwe3vb1JNVl-zY6OqeMfxf59cSUX0RNVKNnuOvVA=443">
<span>
<strong>Docker Fixes Critical Ask Gordon AI Flaw Allowing Code Execution via Image Metadata (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Docker patched a critical “DockerDash” vulnerability in its Ask Gordon AI assistant that allowed attackers to hide malicious instructions in Docker image metadata labels, leading to remote code execution and data theft via MCP tools. The flaw exploited meta-context injection and breached trust boundaries among the AI, MCP gateway, and local tools, and is fixed in Docker Desktop 4.50.0.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F9egLBZ/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/M7MhfUVadXX-ptvWBr_xEY_KrWFy-4Ua8qGysKdr3M4=443">
<span>
<strong>County Pays $600K to Wrongfully Jailed Pen Testers (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
In 2019, two Coalfire consultants, legally hired to test an Iowa courthouse's security, were arrested for burglary after a county sheriff overrode officers who had verified their contract. Their prosecution dragged on for months, damaging careers and client relationships, until Dallas County agreed to a $600,000 settlement seven years later.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F02%2F02%2Frussialinked_apt28_microsoft_office_bug%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/W99i0mhxjIBNPCvVs-mIcBRBSNuDiD5GpAifGDnmhLU=443">
<span>
<strong>Russia-linked APT28 attackers already abusing new Microsoft Office zero-day (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
APT28 is actively exploiting CVE-2026-21509, a Microsoft Office security feature-bypass zero-day, in phishing campaigns targeting Ukrainian government agencies and EU organizations.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FLzP4QE/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/Qypv4PZ2a48tNFWW4zlS4mZo61IKAyl13mm26lwx7ho=443">
<span>
<strong>Coinbase confirms insider breach linked to leaked support tool screenshots (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Coinbase confirmed an insider breach in December 2025, where a contractor improperly accessed data of approximately 30 customers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F02%2F03%2Fgithub_kill_switch_pull_requests_ai%2F%3Futm_source=tldrinfosec/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/52mNUKiW_cjAcUYlTA0e9j6fH50bXlXsUcjJFuh_kD4=443">
<span>
<strong>GitHub ponders kill switch for pull requests to stop AI slop (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
GitHub is exploring options, including disabling pull requests and requiring AI disclosure, after open-source maintainers reported that the vast majority of AI-generated contributions are low-quality work that increases review burden and erodes community trust.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/Z6C4aLj6yLLQLQDbVeK8u2Vl6WlNPWpJqiTjCVRKjfk=443"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/DELBxI2UBDjqpd3FOBo3SY6kEuo53mTxRNP-td7uZ0M=443"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c28fa2839-283a6981-bdc2-4a23-ae0e-99e2478afcdc-000000/RUgJSL-DeZzsfTNiXj9Z2CAFRwc-udLl_bUEYFY0ncI=443"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>