<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Apple patched CVE-2026-20700, an arbitrary code execution vulnerability in the Dynamic Link Editor discovered by Google's Threat Analysis Group β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/WKGw7_qrXh326ErtO1Hf2yGNzLBkvIxu6jgaLolphp8=444" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/1FZtXciwFSd9GnLbitVKryeP5Pg7Va0StzB6Gyi46_8=444" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=a336e0e2-08c1-11f1-96a0-ed8674f94a85%26pt=campaign%26t=1770991657%26s=ee7e8c7545f89504d670c71953ca82cb676780f15215d980afd4b25796c9a611/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/ly-i99lcomPxLAnw2Ywve03CxhC8w3eNyXbQnz2ne_0=444"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=primary_placement%26utm_term=demo_request/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/_GHQ7HVMdvL1AOTWRgpBwc5NRFNTQc_kUEoZN3XWugU=444"><img src="https://images.tldr.tech/depthfirst.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Depthfirst"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-13</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=primary_placement%26utm_term=demo_request/2/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/4MgH8tq7hlyDJqshhB4r1QuKuKcx6PkERB-WxCzgqDs=444">
<span>
<strong>Brick your noisy SAST scanner (and your phone) π§±π±(Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security teams drown in noise: you triage 100 findings, maybe 10 matter, and you lose trust. Meanwhile, devs end up context-switching into code they haven't touched in weeks.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=primary_placement%26utm_term=demo_request/3/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/Zx_ZNAElnZDWplKG-eKADBt8zmehOsL4WrvLN9yngsA=444" rel="noopener noreferrer nofollow" target="_blank"><span>depthfirst</span></a> reduces false positives by 85% by tracing full attack paths and validating what's exploitable before flagging it. And it tells your devs exactly how to fix it, so the whole team can focus on what matters.</p>
<p>AppSec that finally works, trusted by Lovable, Supabase, Moveworks, Persona, and incident.io.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdepthfirst.com%2Fad-demo%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=2026Q1_newsletter_TLDRInfoSec%26utm_content=secondary_placement%26utm_term=demo_request/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/wxqV3WmAXDXjmRRflMBNk-zr0LSGIhMJqFEfMnRnMKw=444" rel="noopener noreferrer nofollow" target="_blank"><span>Get a demo</span></a> and we'll send you a BRICK device so you can silence your phone too. π±π§±</p>
<p><em>For security and engineering decision-makers.</em>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fapple-fixes-zero-day-flaw-used-in-extremely-sophisticated-attacks%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/OkEm-IjMD0jQ9k2Ot5TXE6hTXzi9xlrBE0b0t2Xva98=444">
<span>
<strong>Apple fixes zero-day flaw used in 'extremely sophisticated' attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple patched CVE-2026-20700, an arbitrary code execution vulnerability in dyld (the Dynamic Link Editor) discovered by Google's Threat Analysis Group, which was exploited in targeted attacks against specific individuals running iOS versions before iOS 26, marking the first Apple zero-day patched in 2026. The flaw, chained with two previously patched vulnerabilities (CVE-2025-14174 and CVE-2025-43529), affects iPhone 11 and later, iPad, Mac, Apple TV, Apple Watch, and Vision Pro devices. Fixes are available in iOS 18.7.5, iPadOS 18.7.5, macOS Tahoe 26.3, tvOS 26.3, watchOS 26.3, and visionOS 26.3.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ffoss-daily.org%2Fposts%2Fmicrosoft-notepad-2026%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/lmpj5yzPuOyFzP28uT71TY37677491BFD0dNxNo1UOE=444">
<span>
<strong>Microsoft's Notepad Got Pwned (They Added AI To It, So...) (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CVE-2026-20841 (CVSS 8.8) is a command injection flaw in Microsoft's updated Notepad (versions 11.0.0 to 11.2509). The vulnerability arises because the Markdown handler does not validate link content before execution, allowing attackers to execute remote code when users open a malicious .md file and click an embedded link. Public proof-of-concept exploits exist, and the vulnerability is actively being exploited, granting attackers full permission to execute code. Microsoft addressed this issue in Notepad build 11.2510+ on February 10. Users are advised to disable Markdown and link previews when unnecessary.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FZc1wxn/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/bHgEcl-FFWKgdmQXUDrbdrFpkpiWGLtZ5kVs1q7qgeE=444">
<span>
<strong>ApolloMD Data Breach Impacts 626,000 Individuals (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A May 2025 cyberattack on ApolloMD exposed PII and PHI for 626,540 people associated with affiliated physicians and practices, including diagnoses, treatment details, insurance data, and, in some cases, Social Security numbers. Notifications began in September 2025, with free credit monitoring offered, and Qilin ransomware actors later claimed responsibility on their leak site.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhorizon3.ai%2Fcustomer-story%2Ffrom-patch-tuesday-to-pentest-wednesday-continuous-validation-in-a-regulated-environment%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/vifWKkoIwXjPxeRjhyytiaUaV7QcIRdbpfKTFCIOrFw=444">
<span>
<strong>From Patch Tuesday to Pentest Wednesday: Continuous Validation in a Regulated Environment (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A financial services organization transitioned from annual compliance-driven pentesting to weekly continuous validation, revealing that a single read-only AWS credential enabled 39 distinct attack paths, including full account compromise in under 10 minutes and access to over 100,000 sensitive files. The shift to frequent automated testing reduced mean time to remediate from months to days, with the team completing roughly 40 pentests in eight months and uncovering previously invisible risks, including overly permissive SMB shares, IAM privilege escalation paths, and a critical PAN-OS vulnerability (CVE-2025-0108). The case study demonstrates how continuous validation transforms security programs from point-in-time compliance exercises into operational exposure management, where findings are prioritized by proven exploitability and mapped to real threat actor TTPs like Scattered Spider.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fnotepad-infrastructure-compromise%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/-4zZz6oHmpqfn9CteEeeBvSBGb6Lq3wMmVBGvEEnMFw=444">
<span>
<strong>Nation-State Actors Exploit Notepad++ Supply Chain (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Lotus Blossom compromised the Notepad++ hosting infrastructure between June and December 2025, hijacking the update server to selectively serve malicious installers to targets across government, telecom, and critical infrastructure sectors in Southeast Asia, South America, the US, and Europe. The attack delivered two infection chains β a Lua script injection variant deploying Cobalt Strike beacons and a DLL sideloading variant using a renamed Bitdefender component to load the Chrysalis backdoor with Warbird-protected evasion techniques. Users should manually update to Notepad++ v8.9.1 or later, which includes certificate and signature verification for downloaded installers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcybersecnerds.com%2Fbadpods-series-everything-allowed-on-aws-eks%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/UGm4GVLYh9v_9iesdG0M8MGkoIy9fJ1_mZxibpzhr30=444">
<span>
<strong>BadPods Series: Everything Allowed on AWS EKS (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This is the first post in a series using BishopFox's BadPods, which features a variety of pod manifests with varying levels of misconfiguration, to investigate the protections included in different cloud providers' managed Kubernetes offerings. This series includes the most permissive pod manifest, which the author uses to trivially escape the pod via a mounted host path and then further escalate privileges within the account by stealing IAM credentials from IMDS.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fquesma.com%2Fblog%2Fintroducing-binaryaudit%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/xrk_XppvAQElXKqAWW5jPrPDPm6GZNmH0MEmvapupU4=444">
<span>
<strong>We hid backdoors in binaries β Opus 4.6 found 49% of them (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
BinaryAudit is an open-source benchmark from Quesma for evaluating AI agents' ability to detect backdoors in stripped binary executables using reverse engineering tools like Ghidra and Radare2. The benchmark tests models against backdoored versions of lighttpd, dnsmasq, Dropbear, and Sozu, with Claude Opus 4.6 leading at 49% detection but hampered by a 22% false positive rate across clean binaries. Results highlight that while AI-assisted binary analysis is becoming accessible to non-specialists, high false positive rates and inability to trace data flow through complex binaries make it unsuitable for production malware detection today.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnucleussec.com%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/d7ck1q54UtO_111U6zsdLE5VW5-lKO03_fWfOdrRY5Q=444">
<span>
<strong>Nucleus (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Nucleus provides an exposure management orchestration platform that ingests data from 200+ security and asset tools, normalizes and correlates vulnerabilities with threat intel and business context to prioritize and remediate risk across environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fmotdotla%2Fdotenv%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/ZxHEz3Sa2N7OusPcnxWZcnZC2CpjlMecZ0Bztd9nj-Y=444">
<span>
<strong>Dotenv (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Dotenv is a zero-dependency module that loads environment variables from a .env file into process.env, storing configuration in the environment and separating from code while following the Twelve-Factor App methodology.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fkrebsonsecurity.com%2F2026%2F02%2Fkimwolf-botnet-swamps-anonymity-network-i2p%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/elb9SiuMC3U-EbK2BzEzUb6WxQKqea77XK0CUOuBCow=444">
<span>
<strong>Kimwolf Botnet Swamps Anonymity Network I2P (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The Kimwolf IoT botnet accidentally disrupted the I2P anonymity network after attempting to register 700,000 infected devices as nodes β a Sybil attack that overwhelmed the roughly 15,000-20,000 node network β while seeking takedown-resistant C2 infrastructure. The botmasters, who admitted to the disruption on Discord, have been experimenting with both I2P and Tor as fallback command-and-control channels after security companies and network operators intensified efforts to combat the botnet. I2P is currently operating at roughly half capacity as stability fixes roll out, while Kimwolf's overall numbers have reportedly dropped by more than 600,000 infected systems following internal operator disputes and operational errors.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F02%2F11%2Fmicrosoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/_WkUlt4TAXRuDKXViytb2lzr2BmkTc1tLHfacqsB47Q=444">
<span>
<strong>Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft has shipped emergency fixes for several actively exploited Windows and Office zero-days that enable one-click remote code execution and SmartScreen bypasses across all supported Windows versions. Attackers can silently run high-privilege malware, enabling ransomware and espionage campaigns. Admins and end users are urged to patch immediately and treat malicious links and Office files as high risk.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F02%2Fgoogle-reports-state-backed-hackers.html%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/DmqkZch_P2LawaH8f9yeRw4CmjBJ4mAs-O4dGWclGxs=444">
<span>
<strong>Google Reports State-Backed Hackers Using Gemini AI for Recon and Attack Support (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google's threat team details how North Korean group UNC2970 and others weaponize Gemini for OSINT-driven target profiling, tailored phishing, vulnerability analysis, and exploit debugging, blurring the line between research and reconnaissance. Attackers also use Gemini's API in HONESTCUE malware, AI-built COINBAIT phishing kits, and large-scale model extraction attempts that clone Gemini's behavior via high-volume prompt queries.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F02%2Fonce-hobbled-lumma-stealer-is-back-with-lures-that-are-hard-to-resist%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/PZMiusvFaFmhh4lTu4pUCkoTQhHX86HZ3bCZfI4rfU4=444">
<span>
<strong>Once-hobbled Lumma Stealer is back with lures that are hard to resist (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Law enforcement crippled Lumma Stealer's infrastructure in 2025, but the infostealer has rapidly rebuilt and is spreading again using persuasive βClickFixβ fake CAPTCHA prompts that trick users into running commands in Windows Terminal, loading CastleLoader in memory, then Lumma.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FrZ5x0J/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/CPfrSPLTSmJzSD3A4WpFXI3eAX3knIwFBCcJYh87_Lg=444">
<span>
<strong>Google-Intel Security Audit Reveals Severe TDX Vulnerability Allowing Full Compromise (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google Cloud Security conducted a five-month security audit of Intel's Trust Domain Extensions and discovered five vulnerabilities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Frussia-tries-to-block-whatsapp-telegram-in-communication-blockade%2F%3Futm_source=tldrinfosec/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/_OsP0_FJ4Ycz4dI2tfDYrQXc56HwP7YqbPA1zbduACw=444">
<span>
<strong>Russia tries to block WhatsApp, Telegram in communication blockade (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Russia is escalating its crackdown on independent messaging platforms by attempting to fully block WhatsApp and throttling Telegram.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/R9XTxvixwcf_ppCEu1Y5rcB8uvBeWxbq9odapLap2nU=444" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/NS4jsMAIlMxWBmfO-cDs0qW2njWi7qexGXdnsMF8irU=444" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/iGIGqB7FiSUccNI98DMsTGKxvL1eaUUFbc26M5A_w8w=444"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/miXIJVluhLP39rh0ioyPrYcK7sZ4IH7rMZcXIuGRVYE=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/YkSGJIOjSuhTMv5KzXzryPGHwyPkN47COghVXQKejYA=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/ZOr7P4k40dhHgdk8sibeTb5sCtAh-aKzG1OFWqpJ4l8=444" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/XE606QLSuHgcTL6qdTq2ZESJtZHlK7Lvd5UGk-I2pqQ=444"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/vgYkD6P55CNsnXbBrfq_JyiCxoE_7pwM90BkPs7R7zk=444"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/GWhqy_0da8h0yKtO863H2z3sfeYv2f17KRZLsuqfTG0=444"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/t5tgPg5irquSVWuwcu8tXLlg1GKAlM8xKtEwPGorFyk=444">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=a336e0e2-08c1-11f1-96a0-ed8674f94a85%26pt=campaign%26pv=4%26spa=1770991335%26t=1770991657%26s=a59f41537ab9f69ced8f55be31249a145b96c05694c40af3f493b0a8ed5900f1/1/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/opJhx1HU_c53vDOyFtmdJnZOH-GKFb3NeV7raN0Ox1o=444">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019c5754221a-0b38634b-fcaf-4500-820e-6096516fac35-000000/xJOM2Fo08kwHUSwWx4L4NR4SUo2v14uy5ad3Jwq63TQ=444" style="display: none; width: 1px; height: 1px;">
</body></html>