<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">A former DOGE software engineer allegedly exfiltrated two highly restricted Social Security databases onto a thumb drive β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/n3bS8R8TsMGRpTlAG9W0f0tbI8kn6BCHyxzIMei-_CM=448" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/yXGCZ_nujm2XBNQozSE_WygQlU1FNhtohUeafeNFXwc=448" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=0415d42a-1dd2-11f1-af7b-09b181a51783%26pt=campaign%26t=1773320816%26s=2e2f0aa0acdc2e09eb0713a95a73d7a68c930abd07573a6226e17fa1308a2b69/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/17G-FSEButiTx5iYCJfJcD5QcBMN_NLLZQEroUNYbHM=448"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelve.co%2Fbook-demo%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=tldr-primary-mar12-26/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/pcFdkjXZ9EboHNbD5tvbaKKH8ZGuJeAyWAhr4tNH0n0=448"><img src="https://images.tldr.tech/delve.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Delve"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-03-12</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelve.co%2Fbook-demo%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=tldr-primary-mar12-26/2/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/1tY7onKiAMJ7XaAljVffnJ-NOcveSC-R6FgCT9a6NVQ=448">
<span>
<strong>If you love taking compliance screenshots manually, you can skip this ad (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
If you're tired of clicking through dashboards, taking screenshots, labeling files, and then doing it all again for the next audit...<p></p><p>β¦this one's for you.</p><p>Meet <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelve.co%2Fbook-demo%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=tldr-primary-mar12-26/3/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/LAvVN0VTkv4e40DM4g6_Dm_-dALBEvZAR-EPi8tdjOA=448" rel="noopener noreferrer nofollow" target="_blank"><span>Delve CUA</span></a><strong>:</strong> a <strong>computer-using AI agent that takes compliance screenshots for you</strong>.</p>
<p>Delve's agent securely navigates your tools, captures screenshots at the right moments, and attaches them directly to the correct controls.</p>
<p>That's compliance, finally automated end-to-end.</p>
<p>β
Trusted by <strong>1,500+ of the fastest-growing companies</strong>: Notion, Whop, 11x, Instantly, Wisprflow, Greptile, and many others.</p>
<p>π <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelve.co%2Fbook-demo%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=tldr-primary-mar12-26/4/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/Ocy639IpRsktlGiZZrlz6z1G97BRpUp6S4gZHUF0DQQ=448" rel="noopener noreferrer nofollow" target="_blank"><span><strong>Book a demo</strong></span></a> to take Delve CUA for a spin - and get <strong>$1,500 off</strong> with code CUA1.5K. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdelve.co%2Fbook-demo%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=tldr-primary-mar12-26/5/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/Sf0XX8nuY1I3kpOvzDtrHN9DrLFYc4TnO8Sn4jqAK3E=448" rel="noopener noreferrer nofollow" target="_blank"><span>Claim your offer here</span></a>
</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fnewtonpaul.com%2Fblog%2Fdevice-code-phishing-campaign%2F%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/v-dSudYjnZBdyMmlw0foCjdhO4XruXm006Dot7OVbVc=448">
<span>
<strong>Uncovering a New Device Code Phishing Campaign (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A phishing campaign exploited Microsoft's OAuth 2.0 device code flow by tricking victims into visiting Cloudflare Workers-hosted pages that imitate Adobe Acrobat Sign, using BEC-compromised sender domains. It automatically copied an attacker-generated device code to the clipboard and redirected victims to the legitimate microsoft.com/devicelogin portal to collect tokens. The attacker's backend polls Microsoft's device code endpoint every 3 seconds, exchanges the completed code for OAuth access and refresh tokens scoped to Microsoft Graph, and then silently redirects victims to adobe.comβleaving no signs of compromise. Indicators of compromise (IOCs) from 23 workers.dev subdomains, along with suspected sender addresses embedded in account names, are published. Defenders should look for device code authentication events in Entra SigninLogs by filtering for `AuthenticationProtocol == "deviceCode"`. They should also flag first-time device code authentications with no prior 30-day history (`ResultType == 0`) and alert on workers.dev URLs in inbound email that are linked to the same-user authentication events.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FTLSNJt/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/CRCZ2OL5EitNsj860VWsNOiXBVBqgi8WsZe4bncQ9YE=448">
<span>
<strong>Michelin Confirms Data Breach Linked to Oracle EBS Attack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Tire maker Michelin has confirmed that attackers exploited an Oracle E-Business Suite zero-day as part of a wider Cl0p-led campaign tied to FIN11, accessing a small volume of non-sensitive data from its environment. Cl0p claims to have leaked over 315GB of Michelin files.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftherecord.media%2F235000-affected-cyberattack-ambulance-provider%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/SpY9rVFS2Wx9A3-SSdrns39RNc8Hvnq5MelU8YQtFgU=448">
<span>
<strong>235,000 affected by cyberattack on largest ambulance provider in Wisconsin (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Hackers hit Bell Ambulance in Wisconsin and stole sensitive data for about 238,000 people, including Social Security numbers, IDs, financial details, medical, and insurance information. The breach was detected in February 2025, with notifications rolling out from April as more victims were identified. The Medusa ransomware gang claimed the attack and tied it to a $400,000 ransom demand for 219 GB of data.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fpentesterlab.com%2Fblog%2Ffreshrss-bcrypt-truncation-auth-bypass%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/qT1f7eFaSMIECTJyrF3lmQ52tMHlWhtpPr2KIMWXFbQ=448">
<span>
<strong>How "Strengthening Crypto" Broke Authentication: FreshRSS and bcrypt's 72-Byte Limit (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CVE-2025-68402 is an authentication bypass in the FreshRSS edge branch caused by changing the login nonce from a 40-character SHA-1 hex string to a 64-character SHA-256 hex string, which, combined with bcrypt's 72βbyte input limit, results in a vulnerability. The longer nonce pushed all passwordβdependent bcrypt data past the truncation boundary, so password_verify() returned true for any password until the concatenation order was fixed.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.barrack.ai%2Fai-copilot-attack-surface%2F%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/L8_7MAoO7O91NbbBqm4DDhYYzdpNar6-GBbLUi1ZTjY=448">
<span>
<strong>Your AI Copilot Is the Newest Attack Surface (15 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Four 2026 incidents involving Excel Copilot, Chrome Gemini, Microsoft Copilot Personal, and Perplexity Comet revealed a common architectural issue: AI agents inherit extensive permissions (such as file access, network egress, credential autofill, and camera/microphone access) and cannot reliably distinguish legitimate user instructions from attacker-injected content, enabling zero-click exfiltration, session hijacking, and full credential vault takeover through indirect prompt injection (OWASP LLM01:2025). While all four vulnerabilities have been patched, the structural gap persists: 83% of organizations plan to deploy agentic AI, yet only 29% feel prepared to secure it. Security teams should enforce outbound network restrictions on AI-enabled applications, audit agent permission scopes to ensure least privilege, and treat untrusted data sources (documents, calendar invites, and URLs) as potential injection vectors in any agentic workflow.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FzB85vg/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/SAQ2ywkbbHzqsqzlyoaZKYMYFFSLOvQF-3hUTnA0sn8=448">
<span>
<strong>Product Security Scorecards: Coupling Security Issues with Preventative Controls to Drive Security Maturity (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Postman's application security team leveraged embedded security engineers to create a custom product security scorecard that teams and management can use to quickly surface security issues and their fixes across projects. The scorecards pair detected security issues with preventive controls, such as repo scanning, and can also incorporate more free-form βsecurity asksβ from Jira tickets. The security scorecard allowed teams to roll PR blocking out to their repos and use commit pre-checks to block noncompliant commits.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2FBloodHoundScentry%2F%3Futm_medium=Advertisement%26utm_source=TLDR%26Latest_Campaign=701Uw00000fX3h6%26source=Ad%2520-%2520Media%2520Sponsorship/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/a4M7ka3O4TdaWbQkffddJYJ_q9ciYBl4z5qrRHAMmhQ=448">
<span>
<strong>BloodHound Scentry β Identity Attack Path Management, Operationalized (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers chain identity relationships to reach critical assets. BloodHound Scentry pairs the BloodHound platform with SpecterOps experts to identify and disrupt identity attack paths across on-prem, cloud, and hybrid environments.<p></p><p>White-glove implementation, graph analysis, and remediation planning. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2FBloodHoundScentry%2F%3Futm_medium=Advertisement%26utm_source=TLDR%26Latest_Campaign=701Uw00000fX3h6%26source=Ad%2520-%2520Media%2520Sponsorship/2/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/SHfRsQWe5ICt_SZmVahNe_d61Um7tkiveDlGVivHUq4=448" rel="noopener noreferrer nofollow" target="_blank"><span>Learn more</span></a> or <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fspecterops.io%2FBloodHoundScentry%2F%3Futm_medium=Advertisement%26utm_source=TLDR%26Latest_Campaign=701Uw00000fX3h6%26source=Ad%2520-%2520Media%2520Sponsorship/3/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/65R53K7Wyhnu7NO27YfjCNrrDD0V5vnimJ0FoVS7_jc=448" rel="noopener noreferrer nofollow" target="_blank"><span>watch our webinar</span></a>.
</p>
</span></span></div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.jazz.security%2F%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/SVV6L8pZpgkvOPaMRZcG0cLt2SKt8XENcod2rT8po8A=448">
<span>
<strong>Jazz Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Jazz provides an AI-native data loss prevention platform that monitors how sensitive data is used across systems, infers user intent and context, and surfaces only high-risk incidents instead of noisy rule-based alerts.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fpromptfoo%2Fpromptfoo%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/gqDKEr5FC3Js7elqLTps_4kHZbabpEfOyUx1ULlbSSQ=448">
<span>
<strong>Promptfoo (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Promptfoo embeds automated red-team tests into the build and release processes, provides actionable guidance for the identified issues, and feeds the results into the organization's existing vulnerability management workflows.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fpraetorian-inc%2Fnerva%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/Dzbfc-FHUCCab0emRaogqVCSKFp2aJRq-mZ04_QMI_Y=448">
<span>
<strong>Nerva (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Nerva is a CLI application that provides fast service fingerprinting. It can identify 120+ network protocols and extract rich metadata.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fd26yZm/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/C3-3Oj2Y1OKCtiIrQJhRGVCjjBbu4n2K4Q4PeIridvk=448">
<span>
<strong>Chinese Nexus Actors Shift Focus to Qatar Amid Iranian Conflict (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Within one day of the US-Israeli "Operation Epic Fury" strikes against Iran, Camaro Dragon targeted Qatari entities with conflict-themed lures delivering a PlugX variant via DLL hijacking of a legitimate Baidu NetDisk binary, while a separate China-nexus campaign deployed Cobalt Strike through a novel Rust-based loader exploiting DLL hijacking of nvdaHelperRemote.dll β a component of the NVDA screen reader previously seen in only a handful of Chinese-nexus operations. Both attacks used AI-generated lures impersonating regional governments to blend into fast-moving crisis communications. The pivot reflects both opportunistic intelligence collection and a broader shift in collection priorities toward Qatar's position at the intersection of competing global powers. Defenders should treat the Iran conflict as an active geopolitical lure theme, reinforce EDR coverage and MFA, and review Check Point's published IoCs for both campaigns.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F5N1ZBz/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/trpre53b6yBBAumFOJ8c6gVdlbkzdbnqHfy4LvkDR5M=448">
<span>
<strong>Undercover Cop Generated an AI Teenager to Catch Pedophiles (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
An undercover investigator with the Department of Homeland Security Investigations unit used AI-generated images of a 13-year-old girl to lure grown men into chatting with her. The investigator used the images to create a profile on the Kik social media platform and successfully caught a grown man who was distributing CSAM. These sting operations are not new, but previously, investigators needed to use pictures of themselves or coworkers that could pass for underage, potentially putting them at risk.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FRLF5BV/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/iP1-BtlAdc8RMFWObJTa5CSOQL_gSy8plReLpyFikGY=448">
<span>
<strong>Foreign Hacker Compromised Epstein Files Held by the FBI in 2023 (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Recently published Justice Department documents and an inside source detailed a breach of the FBI's New York office by a foreign hacker who accessed documents from the Epstein investigation. The hack happened after a special agent at the New York office inadvertently left a server vulnerable while trying to manage the bureau's complex procedures for handling digital evidence. The hacker hadn't realized they had infiltrated a law enforcement server, expressed disgust at the materials, and threatened to send the documents to the FBI before being reassured that the server belonged to the FBI.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcrashoverride.com%2Fdemo%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=QuickLink03122026/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/ydnJAYmYK-mVyqsHNTh-pVIAn1x6ncv5rnPQeQmjYCg=448">
<span>
<strong>Crash Override β EDR for Your Software Supply Chain (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A CVE drops Friday afternoon. Can you prove what's exposed in minutes, not hours? Crash Override embeds provenance from commit to runtime β continuous visibility, no scramble. [<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcrashoverride.com%2Fdemo%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=QuickLink03122026/2/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/D0QWYcbXBZcZG2Lc6UFlv0Yffn0HO2kv3R2WYzbJLaM=448" rel="noopener noreferrer nofollow" target="_blank"><span>See a demo</span></a> β]
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F03%2F10%2Fdoge-employee-stole-social-security-data-and-put-it-on-a-thumb-drive-report-says%2F%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/s5vRETJGcv4SUNUepXi3dns3MFm58fB6P8cLXcEngms=448">
<span>
<strong>DOGE employee stole Social Security data and put it on a thumb drive, report says (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A former DOGE software engineer allegedly exfiltrated two highly restricted Social Security databases, including Numident and the Master Death File, onto a thumb drive and boasted about reusing them at a government contractor job.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Firan-handala-hackers-verifone-stryker-hacks%2F%3Futm_source=tldrinfosec/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/E7KWB6bDCDwYvDnFMKa71dlWHYjl37gaWvEKbVttIsc=448">
<span>
<strong>Iran-Linked Handala Hackers Claim Major Hacks on Stryker and Verifone (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Iran-linked Handala Hack Team claimed attacks on Stryker Corporation and Verifone on March 11, with Stryker confirming a network incident while Verifone denied any breach despite screenshots of apparent internal admin panels released as evidence.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FjWcJYI/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/Wnrm0alu6TFlImEjFAFyHlh-ugfk0v6240wmRs31qUw=448">
<span>
<strong>WhatsApp introduces parent-managed accounts for pre-teens (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
WhatsApp rolled out parent-managed accounts for children under 13, giving parents PIN-gated control over contacts, group membership, and activity alerts while preserving end-to-end encryption on all messages.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/MNMNyHePfaGb2OSdmS0X-52SksQlOc2a2n8WIIjeyGU=448" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/y6pP5IC25U47tfh-6PbpG8ZgTDWyQetNitlbRlClf5w=448" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/iXjq0wZi97Hjkj9_e3D9uowi9jZygaZ1wsgqAWZBT1c=448"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/X8FgY0WVlmChA5xiZuZBoo10abQOVcS8ae1f5QT-FYQ=448" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/xhUPkQW3wVCJ8zbHc7Xa6YRSNHIjUubSx-WERpx1SI8=448" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/ro-me-7LyRhFtHD6zP0xaU2dC9u5Yi72ND79BmVH1eU=448" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/LqLP6eQ1jvy1LS84hT0xjI84TltEXu6b3yZRncIp0ng=448"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/J1jyCEEtNn-l6_KnyQpBMSSXApBhdjzveW3t7jJf5JU=448"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/-ldXZ7JzCMy8y6UZ9AhUiaU6brjFse94SFSpsVIdR0M=448"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/BK7_KKE3g80Cc2RmtprAhlCQy9tqILLjdEJzZn-HsXw=448">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=0415d42a-1dd2-11f1-af7b-09b181a51783%26pt=campaign%26pv=4%26spa=1773320488%26t=1773320816%26s=2769d0f69e74999355c228c34b6763a9972011cdc2f99109f8b9e949676c9817/1/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/s49nVSOgHNhiweZMdfnIlNLe0fkmiDB0nOhAmlwE8A8=448">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019ce228477a-fe162a27-35a0-4e6d-ad96-00a3c1d1459c-000000/4hm5DYjH_MW4qY6iA-3Ec-6CGt_A19NylJwGx9mwpjU=448" style="display: none; width: 1px; height: 1px;">
</body></html>