<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Franceβs Ministry of Economy disclosed that attackers used stolen official credentials to access FICOBA, the national bank account registry β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/XzSUFlYc5mQPRZ6Yvj4rkjjf1s5q5mr1VaXQELqQfRA=445" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/Yzi8Vg61olpk6_AamE8WO6fbauk5PUKeFYYn2EIFn4c=445" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=954521de-0e29-11f1-a006-e557532372f0%26pt=campaign%26t=1771596457%26s=b217e89b3e9d0c725caef4401a41d65df4b3149c552897a2344895429a8d0630/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/JP-Hshm_W3FX0pbjTknv27-O4hHBKQFbQIn9S4g4-kg=445"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdrata.com%2Fc%2Fdemo%2F%3Futm_source=TLDR_infosec%26utm_medium=display%26utm_campaign=20260220_drata_for_startups_DG_all_ALL/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/5JERq5LvAga3L8GBqHb6WmQYCNiUWBFU8o3OBAN2D4c=445"><img src="https://images.tldr.tech/drata50.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Drata"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-02-20</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdrata.com%2Fc%2Fdemo%2F%3Futm_source=TLDR_infosec%26utm_medium=display%26utm_campaign=20260220_drata_for_startups_DG_all_ALL/2/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/mfsFVDsPb24onSe2tjBX3P3Tz8u3CVye97HTwt0ocnE=445">
<span>
<strong>Manual GRC doesn't scale -- move to Agentic Trust Management with Drata (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Compliance doesn't end when you get your SOC 2 certificate. Security reviews, audits, and vendor questionnaires demand constant attention -- and leave GRC teams too overwhelmed to actually think about security strategy.<p></p><p>Drata's <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdrata.com%2Fc%2Fdemo%2F%3Futm_source=TLDR_infosec%26utm_medium=display%26utm_campaign=20260220_drata_for_startups_DG_all_ALL/3/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/auUJBP-cAWqY4oUaR6IaoeAVHyasGVX74y2beYGweTY=445" rel="noopener noreferrer nofollow" target="_blank"><span>Agentic Trust Management Platform</span></a> automates the most time-consuming tasks, from security questionnaires to continuous evidence collection, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdrata.com%2Fc%2Fdemo%2F%3Futm_source=TLDR_infosec%26utm_medium=display%26utm_campaign=20260220_drata_for_startups_DG_all_ALL/4/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/cBtSm1XLC0voNqdHDdimS0WD45JbEAk4HltXk9P0VSQ=445" rel="noopener noreferrer nofollow" target="_blank"><span>saving teams hundreds of hours</span></a> each year. Drata's AI chases down documents, so you can focus on outcomes.</p>
<p>With Drata's built-in Trust Center, you can streamline security reviews, share your security posture, and build trust faster throughout the deal process.</p>
<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdrata.com%2Fc%2Fdemo%2F%3Futm_source=TLDR_infosec%26utm_medium=display%26utm_campaign=20260220_drata_for_startups_DG_all_ALL/5/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/UyyBoxn3WtvFlrUxlaeLei4UQ9mZXQIAFY280cfLie8=445" rel="noopener noreferrer nofollow" target="_blank"><span>β‘οΈ Automate and accelerate trust with Drata β‘οΈ</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fslcyber.io%2Fresearch-center%2Falmost-impossible-java-deserialization-through-broken-crypto-in-opentext-directory-services%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/LKuIFgW1JLbMGLmNm3CDRpzB2spg9P_IIQ6APkI05Y4=445">
<span>
<strong>Almost Impossible: Java Deserialization Through Broken Crypto in OpenText Directory Services (12 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Searchlight Cyber (Assetnote) discovered an unauthenticated Java deserialization vulnerability in OpenText Directory Services (OTDS) exploitable in its default configuration, stemming from a flawed HMAC signature verification where attacker-controlled length fields allowed truncating the signed message to begin at an injected payload. Exploitation required building a custom Deflate compressor with tailored Huffman codes to produce output restricted to valid modified UTF-8 bytes (0x01-0x7F) while remaining incompressible by zlib, enabling the payload to survive a double-compression pipeline intact. Organizations running OTDS should patch immediately, as a compromise could affect all integrated OpenText applications that rely on it for authentication.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FMO8mCY/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/5T1IwmQhZRYmmlxY3FrlluOBz8IdTpStnJeZfsbHMHs=445">
<span>
<strong>French Government Says 1.2 Million Bank Accounts Exposed in Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
France's Ministry of Economy disclosed that attackers used stolen official credentials to access FICOBA, the national bank account registry, exposing data on 1.2 million accounts, including IBANs, names, addresses, and some tax IDs. Operational banking access and balances were not exposed, but authorities warn of heightened phishing and scams.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fcritical-infra-honeywell-cctvs-vulnerable-to-auth-bypass-flaw%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/bh-D9c4mOKxSgQt4YlChLP1vdQt9ssHPwcsdaYNeeak=445">
<span>
<strong>Critical infra Honeywell CCTVs vulnerable to auth bypass flaw (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CISA warned of CVE-2026-1670 (CVSS 9.8), a missing authentication flaw in multiple Honeywell CCTV models that allows unauthenticated attackers to remotely change the password recovery email address, enabling full account takeover and unauthorized access to camera feeds. Affected models include the I-HIB2PI-UL and several SMB NDAA-compliant PTZ cameras deployed in commercial and critical infrastructure environments. Organizations should isolate these devices behind firewalls, restrict network exposure, and contact Honeywell for patch guidance.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bitsight.com%2Fblog%2Fchinese-vulnerability-database-analysis-cnvd-cnnvd%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/NkQIVdYiSj2O6gurAIP1QUsAP588Q7CO34dWzE-Nn1w=445">
<span>
<strong>Red Vulns Rising: Examining Chinese National Vulnerability Databases (18 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Bitsight analyzed China's two national vulnerability databasesβCNNVD, overseen by the Ministry of State Security, and CNVD, operated by CNCERTβand found that while they largely mirror CVE publication, approximately 1,400 entries were published in Chinese databases before becoming public in CVE, often by several months. China's 2021 RMSV regulations tightened domestic vulnerability disclosure controls, including mandatory 48-hour reporting to the government and prohibitions on sharing PoC exploits. There was a notable decline in non-CVE vulnerability publications from CNVD after the regulation, although CNNVD has recently seen a resurgence. Security leaders should account for potential blind spots in Western vulnerability ecosystems, as some Chinese database entries lack CVE equivalents and may represent vulnerabilities unknown to Western defenders.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadnanthekhan.com%2Fposts%2Fclinejection%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/frypZH9M-CK_Yl1lTeu3K0KEiivNk68K43wlwL4hQko=445">
<span>
<strong>Clinejection β Compromising Cline's Production Releases just by Prompting an Issue Triager (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A prompt-injected GitHub issue title could drive Cline's Claude-based triage bot to execute arbitrary commands in CI, then use GitHub Actions cache poisoning to hijack nightly build workflows and steal VS Code Marketplace, OpenVSX, and npm publishing tokens. This chain could have enabled a massive supply-chain attack on millions of developers via malicious extension or CLI updates.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.paradoxis.nl%2Fdecrypting-multidesk-passwords-58af8ad274b3%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/7dCt9nlaHZWhsZs68hkw4E7HYT336u_FTCvPCjgMNms=445">
<span>
<strong>Decrypting MultiDesk Passwords (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
MultiDesk RDP client's password encryption was reverse-engineered, revealing RC4 encryption with per-user keys stored in the HKEY_CURRENT_USER\Software\MultiDesk\key registry hive across both legacy (v3.16) and modern (v14.0) versions. Version 3.16 used base64-encoded RC4 ciphertext with rdtsc-generated keys, while version 5+ introduced a salted key derivation scheme using CryptGenRandom, but remained fundamentally RC4-based. Pentesters should add MultiDesk.xml, MultiDesk.multidesk, and the associated registry keys to their internal recon checklists, as credential recovery is trivial with local admin or user-level access to the target machine.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fdarkoperator%2Fmimikatz-missing-manual%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/QdFDEZZSyyWDREvO73IK6ot400iHT_Slxl9Ez3b4x3E=445">
<span>
<strong>The Mimikatz Missing Manual (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Carlos Perez (DarkOperator) has publicly released "The Mimikatz Missing Manual," a comprehensive guide originally developed as private training material with direct input from Mimikatz author Benjamin Delpy, covering Windows identity, Kerberos, and PKI research. The manual spans seven parts, including LSASS credential extraction, Kerberos ticket forgery, DCSync/DCShadow persistence, and DPAPI abuse, with guidance tailored for red teams, blue teams, and security researchers. Available as a GitHub Pages site, it emphasizes not just command references, but the underlying Windows Security Authority internals being manipulated.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.venice.io%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/RoHiACl-dZpK6spyBEJgRDRLH878BZRY9mqw9nRzLlw=445">
<span>
<strong>Venice Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Venice Security provides an adaptive privileged access management platform that discovers identities and entitlements across cloud, onβprem, and SaaS, grants justβinβtime access only when needed, and automatically revokes standing privileges to reduce enterprise risk.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fduggytuxy%2FData-Shield_IPv4_Blocklist%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/GVQmYJUJ3Czxr3knCeqHW73rXvKr4sAxRYLvIR_ir4o=445">
<span>
<strong>Data-Shield IPv4 Blocklist (GItHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The Data-Shield IPv4 Blocklist Community provides an official, curated registry of IPv4 addresses identified as malicious. Updated continuously, this resource offers vital threat intelligence to bolster your Firewall and WAF instances, delivering a robust, additional layer of security for your infrastructure.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F02%2Fcitizen-lab-finds-cellebrite-tool-used.html%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/rF88CpBIUnG9pZn_fQUn5xC_rM3CfCoHOrh7gRZih00=445">
<span>
<strong>Citizen Lab Finds Cellebrite Tool Used on Kenyan Activist's Phone in Police Custody (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Citizen Lab confirmed with high confidence that Cellebrite forensic extraction tools were used on Kenyan pro-democracy activist Boniface Mwangi's Samsung phone while in police custody following his July 2025 arrest, potentially enabling full data extraction including messages, passwords, and financial information. The findings follow a similar report of Cellebrite misuse in Jordan and coincide with Amnesty International's discovery of Intellexa's Predator spyware targeting an Angolan journalist via WhatsApp, marking the first confirmed Predator case against civil society in Angola. The cases highlight the growing global abuse of commercial surveillance tools against activists and journalists, with Predator's sophisticated anti-forensics capabilities including crash monitoring, recording indicator suppression, and granular operator control over failed deployments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F02%2Finterpol-operation-red-card-20-arrests.html%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/m05RiexTcd05CPJIEXiIqBmsNw70zwFM9BRyzgxJjXc=445">
<span>
<strong>INTERPOL Operation Red Card 2.0 Arrests 651 in African Cybercrime Crackdown (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
An INTERPOL-led push across 16 African countries led to 651 arrests, $4.3 million recovered, and disruption of online scams causing over $45 million in losses. Authorities dismantled high-yield investment, mobile money, and fake loan schemes, seizing 2,341 devices and taking down 1,442 malicious IPs and domains, with victims identified both in Africa and abroad.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="http://tracking.tldrnewsletter.com/CL0/http:%2F%2Fsecurity.googleblog.com%2F2026%2F02%2Fkeeping-google-play-android-app-ecosystem-safe-2025.html%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/WqHsnzhHmdPUPkwzP4IUQ007kctE_9oQFsrDpRqM6bw=445">
<span>
<strong>Keeping Google Play & Android app ecosystems safe in 2025 (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Google reported blocking over 1.75 million policy-violating apps and banning 80,000 malicious developer accounts from Google Play in 2025, while Play Protect's real-time scanning identified more than 27 million new malicious apps from outside the store across 350 billion daily scans. Enhanced fraud protection expanded to 185 markets covering 2.8 billion devices, blocking 266 million risky sideloaded installation attempts. New defenses included in-call scam protection preventing users from being socially engineered into disabling Play Protect, and Android 16's one-line-of-code tapjacking protection for sensitive app screens.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffirebase-misconfiguration-chat-ask-ai-users-expose%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/_k6lzQcoQXFB0T7S-0ZOLPCIAy-8h3XkY2AZrfQNg5M=445">
<span>
<strong>Firebase Misconfiguration Exposes 300M Messages From Chat & Ask AI Users (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A misconfigured Firebase database exposed approximately 300 million chat messages from 25 million users of Codeway's Chat & Ask AI app.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F188254%2Fbreaking-news%2Fgermanys-national-rail-operator-deutsche-bahn-hit-by-a-ddos-attack.html%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/XblInylMgFHcJ-z6yQyoM2Rgan_jwpijVCIRJFNw33I=445">
<span>
<strong>Germany's national rail operator Deutsche Bahn hit by a DDoS attack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A large-scale DDoS attack hit Deutsche Bahn on 17β18 February, knocking out bahn.de, the DB Navigator app, and core IT systems.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcyberscoop.com%2Fpost-quantum-state-department-transition-plans-outlive-leadership-cycles%2F%3Futm_source=tldrinfosec/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/AzuwIE8j9SDeH7m4DOtZk1u72uUtSVVp9lx_dep45Cc=445">
<span>
<strong>State Dept. official says post-quantum transition plans will outlive current leadership (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
State Department official Gharun Lacy urged public and private sectors to coordinate post-quantum cryptography transitions as a collective ecosystem effort, warning that data harvesting threats from nation-state adversaries like China will outlive leadership cycles and require sustained cross-generational commitment toward the 2035 migration target.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/UsDdmbgUNisopkzxB08Yd8vHDSOSdehP6jQpi9bXA4Y=445" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/OlhboavDl6hYoiA2mmTdXVLJrdB8uNsG3DOIzZ6LrkE=445" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/thQBc2QFADHO_wWZdlQAcfpYn0cTziD4riQwUvUxyVI=445"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/p_UXrvRRwrE2zofB22-0RQ3sQEbPUm6IP53Vdy3nHRY=445" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/b_dLb77m5bUwCkxSWqum9-yQgB7RuwdTwzd3GLqr6aw=445" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/DyzTMxNchjO8cHeZsuZwyPIHq1Cw8GhSFgrHYDG0heQ=445" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/dyZek6Ph2O2CkPrdEtNUaVUpLfhB3eFRQfKESdC5JzI=445"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/elKwhGR2l69Ugxyj3OUMl4mJF0yz2bF-zKnX3nabqrg=445"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/sR4CI_RW-wCqEdLqeWy354wSMu-YPTMZsXH8Ia9lNhM=445"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/51jGJNCiHR38WpHpUlVNyFHwzKMl_5Q3D57rJZ4SCAE=445">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=954521de-0e29-11f1-a006-e557532372f0%26pt=campaign%26pv=4%26spa=1771596138%26t=1771596457%26s=e0f39b8c2d2345cbe1a812be607cd3716c100fe94edb02b509d488db921de7f2/1/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/csl3djrGT7XIqwdN4thGXesUhNDCR-hB2I-RmDP3VJ8=445">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019c7b60a854-76b3d640-cc1f-4407-9490-728e600320f0-000000/qA_LcdY5XIot-XeRDw1dhy5X1mgcSWUaNDKrmEeK2Oo=445" style="display: none; width: 1px; height: 1px;">
</body></html>