<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/-FzRGCwygQ640nxf4O0vuti9ECEEhawhYijfsDB0P5M=443"><img src="https://images.tldr.tech/flashpoint.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Flashpoint"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-10</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/2/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/R5UP2lhC2fhsKkKwJeSmhyZgZLUQyM-70H-zs5TmQVo=443">
<span>
<strong>The Dark Side of AI: 2.6MM Underground Messages Analyzed (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Flashpoint just released a massive study of the AI threat landscape. Analysts monitored over <strong>2.6 Million AI-related posts</strong> across Telegram, the dark web, and underground LLM forums.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/3/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/zL0_C0eSE-p-l4yrNHx7rDkon-QGRSQmqj6tImdEDu0=443" rel="noopener noreferrer nofollow" target="_blank"><span>The findings are a wake-up call</span></a>. Threat actors are no longer just "experimenting" — they are deploying:</p>
<ul>
<li><strong>Deepfake-as-a-Service</strong> for sophisticated social engineering.</li>
<li><strong>Multilingual phishing kits</strong> that erase language barriers.</li>
<li><strong>Fraud-GPTs:</strong> Custom LLMs fine-tuned specifically for malicious activity.</li>
</ul>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgo.flashpoint.io%2Fai-and-threat-intelligence-guide%3Futm_campaign=Resource_RP_AI_Threat_Intelligence%26utm_source=tldrinfosec%26utm_medium=newsletter%26sfcampaign_id=701Rc00000RZE8cIAH/4/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/4wA4HGLSlqa-WGQ8-k-jK5RCFoKrw8zyi_fa2gRLqlY=443" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Get the Free Guide </strong></span></a>to learn how to stop AI-powered attacks.
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhetmehta.com%2Fposts%2Fn8n-type-confusion-rce%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/a4jNG7Vg5A5b9YXx0VK-1F_GiBCIvUzwrOMfv13GBXo=443">
<span>
<strong>Breaking Down CVE-2026-25049: How TypeScript Types Failed n8n's Security (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CVE-2026-25049 (CVSS 9.4) exploits a type confusion flaw in n8n's expression evaluator, bypassing a prior security patch by sending object inputs instead of strings — since TypeScript types are stripped at compile-time, the runtime sanitizer never executed. Attackers use JavaScript destructuring to access the Function constructor and achieve unauthenticated RCE via public webhook endpoints, exposing stored credentials, API keys, and internal network access. Users should upgrade to n8n versions 1.123.17 or 2.5.2 and implement runtime type validation using typeof checks or a schema validation library such as Zod.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Feuropean-commission-discloses-breach-that-exposed-staff-data%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/ZUBzyDI9jRpOaD_Vt-vfaezMgsH6a-76U_KzbwPd8Ow=443">
<span>
<strong>European Commission Discloses Breach That Exposed Staff Data (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The European Commission is investigating a breach after finding evidence that its mobile device management (MDM) platform was hacked. It has not found any evidence that mobile devices were compromised, but confirmed that attackers have accessed some staff members' personal information, such as names and phone numbers. The European Commission did not disclose how the attackers compromised its MDM system, but the attack shows similarities with other attacks on European institutions that exploit vulnerabilities in Ivanti Endpoint Manager Mobile software.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fbeyondtrust-warns-of-critical-rce-flaw-in-remote-support-software%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/4NKw9jr-YrKx4VAd3KksgMdFQ2rRSyFpg6-3cA52nFg=443">
<span>
<strong>BeyondTrust Warns of Critical RCE Flaw in Remote Support Software (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
BeyondTrust warned customers to patch a critical vulnerability in its Remote Support and Privileged Remote Access software that could allow unauthenticated attackers to execute arbitrary code via OS command injection. The vulnerability can be exploited by unauthenticated attackers without requiring user interaction by sending specially crafted client requests. BeyondTrust has secured all cloud systems and advises all on-premises customers to patch their systems manually if they haven't enabled auto updates.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.huntress.com%2Fblog%2Fwindows-projected-file-system-mechanics%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/yl3RPHH2KIFTX2qd0DQLCqKlcEIdRGFxn0zY9ROXBYw=443">
<span>
<strong>The Phantom File System: Inside the Windows ProjFS (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The Windows Projected File System (ProjFS) operates as a minifilter (prjflt.sys) rather than a true filesystem, using reparse points and filter communication ports to project virtual files on demand. Offensively, medium-integrity users can launch ProjFS providers without admin privileges, prevent higher-privileged processes from deleting files, and serve different file contents per process — all potential avenues for evasion and persistence. Defensively, ProjFS offers a lightweight alternative to custom minifilters for deploying canary files with rich callback data, including triggering process ID and image path, particularly relevant as Microsoft moves toward reducing kernel-mode dependencies.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.kaspersky.com%2Fblog%2Fhow-to-recognize-a-deepfake%2F55247%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/U1D1idiZu_2G-W2BfwkTd8EGkaeDLV4uvJIH7PnnqYA=443">
<span>
<strong>How to recognize a deepfake: attack of the clones (7 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
This post outlines practical techniques for identifying deepfake scams across video calls, voice messages, and photos. Modern neural networks can clone a voice from just three to five seconds of audio. Key detection methods include requesting head turns to break face-swap algorithms, watching for lip-sync delays of even 100 milliseconds, and using pre-agreed codewords for identity verification. Organizations and individuals are advised to restrict public access to photos and voice recordings, enable 2FA on all accounts, and use content analysis tools such as Sensity AI and Deepware for automated detection.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F4Wtq3h/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/1hv0rdTxXIxG9N3fVAfSAJE2gKBnaljNsl_U4TAVfj4=443">
<span>
<strong>Uncovering Threats Through WAF Logs: A Threat Hunter's Lens (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
WAF logs are often overlooked in threat hunting, even though every request must pass through the WAF. Defenders can look for potential reconnaissance patterns, including non-standard HTTP methods used on public pages, exposed CMS helper endpoints, systematic enumeration across multiple sites, and infrastructure-based anomalies such as traffic from Tor exit nodes. The article also includes KQL queries for practical threat detection.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FS1lkys%2FPhantomFS%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/N7o5sd_YJz6Rsdyk6zjYUoZws15pVO2zQ4wShXPAwDg=443">
<span>
<strong>PhantomFS (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
PhantomFS is a Windows ProjFS-based tool that projects virtual files whose content varies by the requesting process, serving AES-256-CBC-encrypted payloads to allowed processes (e.g., cmd.exe) while returning decoy bytes to all others. Inspired by Huntress' recent ProjFS research, the tool runs at medium integrity without admin privileges and blocks delete/rename attempts from non-allowed processes. Detection is possible via ProjFS reparse points, the PrjFlt minifilter at filter altitude 189800, and the Microsoft-Windows-ProjFS ETW provider.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FCorvraLabs%2FEvilNeko%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/togm8FpLy4d8jUkdmtNAm_1Zdv5oW7Z_UJc6y-zjGjY=443">
<span>
<strong>EvilNeko (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
EvilNeko is a project to automate container orchestration and operationalize Browser in Browser attacks for red teams.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FEvilBytecode%2FIDontLikeFileLocks%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/LX6X1KSCf7lgd0wMNcIOdfgDNZ7fQ3hjhRHKh560FR4=443">
<span>
<strong>IDontLikeFileLocks (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
IDontLikeFileLocks is a tool that dumps locked browser databases.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Fopenclaw-add-ons-crypto-theft-macos-malware%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/I4ILV5S6ljGw0z8iKaqohOA1vYE-jLpOWrmEVoAsHCM=443">
<span>
<strong>17% of 3rd-Party Add-Ons for OpenClaw Used in Crypto Theft and macOS Malware (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
17% of third-party "skills" for the popular open-source AI tool OpenClaw, which has over 160,000 GitHub stars, are malicious. Over half (54%) of these threats target cryptocurrency users with fake wallet trackers, DEX tools, and Solana/Phantom utilities. One user account, sakaen736jih, is associated with 199 malicious skills that steal private wallet keys and deploy AMOS Stealer malware on macOS. The malware campaign has extended into corporate settings, leading Bitdefender to develop a free AI Skills Checker tool to help users vet add-ons before installing.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftisiphone.net%2F2026%2F01%2F04%2Fmy-top-5-recommendations-on-ot-cybersecurity-student-upskilling%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/Q8PFLyQWKIleDu8rcYmZ0syX9996CYqek14EChZUMrs=443">
<span>
<strong>My Top 5 Recommendations on OT Cybersecurity Student Upskilling (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
A guide from Lesley Carhart, aka hacks4pancakes, on the skills prospective Operational Technology (OT) students should focus on. Students should concentrate on processes and systems of systems rather than on hacking individual devices. Start with one process, consider safety and process continuity (most OT engagements involve critical systems), and get comfortable with older computers. The post also includes a list of free learning resources.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftherecord.media%2Fromania-conpet-oil-pipeline-ransomware-attack%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/r_VbTrWiNr2c0Q43viPKNrBnHw5pe5NdgVhNGQVNrmQ=443">
<span>
<strong>Romania's oil pipeline operator confirms cyberattack as hackers claim data theft (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Romania's national oil pipeline operator, Conpet, confirmed that a cyberattack disrupted its IT infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fchinese-cyberspies-breach-singapores-four-largest-telcos%2F%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/RXuI5islAg5jlVS58hCJA1K2jG-5YBI6MFU6IokqSo8=443">
<span>
<strong>Chinese cyberspies breach Singapore's four largest telcos (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Chinese threat actor UNC3886 breached all four of Singapore's major telcos (Singtel, StarHub, M1, and Simba) using a zero-day firewall exploit and rootkits for persistence, prompting Singapore to deploy "Operation Cyber Guardian."
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4129393%2Fopenclaw-integrates-virustotal-malware-scanning-as-security-firms-flag-enterprise-risks.html%3Futm_source=tldrinfosec/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/NnfcMIjY2DSKFY8dk5VJxdlXjJM_PPM-B-GjUWC3lT4=443">
<span>
<strong>OpenClaw integrates VirusTotal malware scanning as security firms flag enterprise risks (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
OpenClaw integrated VirusTotal malware scanning into its ClawHub skills marketplace after security researchers discovered 341 malicious skills in a campaign dubbed "ClawHavoc."
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/k7fTdc6XgCtqza02QpDwBIbNrA1vdIv5wxZF-yqxYKQ=443"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/08OhGnfcAwAWq6lwZvQlRor5Gl5cnQ-gGGDe4Iuy7ro=443"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c47e07df2-75e32822-bcd4-4491-b330-78c8634a0aac-000000/WDclUxWIcCIFw3QNPvwwvjcB3KnJEkxcgQnkhpRHQI4=443"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>