<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/d948POQtM-tTjr675maDZn-0u4ZfcFdDxuTBXM92LFg=451" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/YMZrckrzvclxh719RvBk4RHnnJIxJeIjkT92l7Io9qQ=451" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=a5d64c1a-31a3-11f1-ade6-7f07adcd60ac%26pt=campaign%26t=1775482527%26s=d3b4c800f9080d3a3f24034807710999816779ef9d579527496453775f5e595c/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/BtVgJEXT2-0WxcWpSr5DbCeetVWYpcV4T0sBUO19-KI=451"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-04-06</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F04%2Fnew-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus%2F%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/EqGROsaKlyFTujvl8VuUDd8d6-c9zH-y_NcKtq6ddBg=451">
<span>
<strong>New Rowhammer attacks against Nvidia GPUs give attackers full access to CPU memory (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Two separate GPU Rowhammer attacks, GDDRHammer and GeForge, achieved full host control against Nvidia's Ampere RTX 3060 and RTX 6000. Both induce GDDR6 bit flips that corrupt the GPU's own page tables, then use the corrupted mappings to read and write arbitrary CPU memory. Both require the IOMMU to be disabled, which is the default in most BIOS configurations: without DMA remapping the host never checks where the GPU's page tables point, so a flipped bit becomes unrestricted access to system memory. Each attack also manipulates GPU memory so that page-table allocations land in regions known to be vulnerable to Rowhammer. Mitigations are enabling the IOMMU in the BIOS and the OS, or enabling GPU-side ECC from Nvidia's command line (nvidia-smi -e 1, which takes effect after a reboot). ECC costs performance and has been bypassed in earlier Rowhammer studies, so it is the weaker of the two.
</span>
</span>
</div>
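<div class="text-block">
<p>A host-side check for the two mitigations named above, added here as an example; it is not code from the article or from the GDDRHammer/GeForge researchers. It assumes a Linux host: the IOMMU state is read from /sys/kernel/iommu_groups and /proc/cmdline, and ECC state is parsed from nvidia-smi's CSV query (both real interfaces). The sample nvidia-smi output in the test is constructed.</p>

```python
"""Added example (not from the article or the GDDRHammer/GeForge authors): a
host-side check for the two mitigations the article names. It reports whether
the Linux IOMMU is active for the running kernel and whether each Nvidia GPU
has ECC enabled, by parsing nvidia-smi's CSV output. Paths and the nvidia-smi
query fields are real; any sample output used with parse_ecc_csv is constructed."""
import os
import shutil
import subprocess
from dataclasses import dataclass
from typing import Optional

IOMMU_GROUPS = "/sys/kernel/iommu_groups"   # populated only when an IOMMU is active
CMDLINE = "/proc/cmdline"


@dataclass
class GpuEcc:
    name: str
    current: str
    pending: str


def iommu_active(groups_dir: str = IOMMU_GROUPS) -> bool:
    """True if the kernel has at least one IOMMU group, i.e. DMA remapping is on.
    An empty or missing directory means devices (the GPU included) can DMA to any
    physical address, which is the precondition both attacks rely on."""
    try:
        with os.scandir(groups_dir) as it:
            return any(True for _ in it)
    except FileNotFoundError:
        return False


def cmdline_hints(cmdline: str) -> list:
    """Kernel parameters that affect IOMMU state; useful when explaining a result."""
    keys = ("intel_iommu", "amd_iommu", "iommu")
    return [tok for tok in cmdline.split() if tok.split("=", 1)[0] in keys]


def parse_ecc_csv(text: str) -> list:
    """Parse 'nvidia-smi --query-gpu=name,ecc.mode.current,ecc.mode.pending
    --format=csv,noheader'. Boards without ECC print [N/A] or [Not Supported]."""
    gpus = []
    for line in text.strip().splitlines():
        parts = [p.strip() for p in line.split(",")]
        if len(parts) != 3:
            continue
        gpus.append(GpuEcc(*parts))
    return gpus


def ecc_enabled(g: GpuEcc) -> Optional[bool]:
    """True/False for boards that support ECC, None when the board has none."""
    if g.current.startswith("[") or g.current in ("N/A", "Not Supported"):
        return None
    return g.current.lower() == "enabled"


def query_nvidia_smi() -> str:
    smi = shutil.which("nvidia-smi")
    if not smi:
        return ""
    return subprocess.run(
        [smi, "--query-gpu=name,ecc.mode.current,ecc.mode.pending",
         "--format=csv,noheader"],
        capture_output=True, text=True, check=False).stdout


def assess(iommu: bool, gpus: list) -> list:
    """Return findings; an empty list means both mitigations are in place."""
    findings = []
    if not iommu:
        findings.append("IOMMU inactive: GPU DMA is unrestricted; enable it in BIOS "
                        "and boot with intel_iommu=on or amd_iommu=on")
    for g in gpus:
        state = ecc_enabled(g)
        if state is None:
            findings.append(f"{g.name}: ECC not supported; IOMMU is the only mitigation")
        elif not state:
            findings.append(f"{g.name}: ECC disabled (run 'nvidia-smi -e 1' and reboot)")
        elif g.pending.lower() != "enabled":
            findings.append(f"{g.name}: ECC pending change to {g.pending}")
    return findings


if __name__ == "__main__":
    with open(CMDLINE) as f:
        print("kernel IOMMU params:", cmdline_hints(f.read()) or "none")
    for line in assess(iommu_active(), parse_ecc_csv(query_nvidia_smi())) or ["OK"]:
        print(line)
```

<p>Run it as root on the GPU host after a reboot; a consumer GeForce board typically reports ECC as not supported, in which case the IOMMU finding is the only one that matters.</p>
</div>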
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F1L2U84/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/e9lMPJkoNqo575W1KWsODTKxVV-SZnj4vzruAX3kwQ4=451">
<span>
<strong>Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Drift lost $285 million on April 1 after attackers used Solana durable nonce accounts to pre-sign transactions that, unlike ordinary transactions, do not expire when the referenced blockhash ages out, and socially engineered enough multisig approvers to seize Security Council admin rights. The attacker then created a fake token called CarbonVote with minimal liquidity, tricked Drift's oracles into accepting it as collateral, removed withdrawal limits, and drained all major vaults in 10 seconds.
</span>
</span>
</div>
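<div class="text-block">
<p>A pre-signing check for the durable nonce pattern described above, added here as an example; it is not code from Drift or from the incident write-up. It inspects a Solana transaction message in the JSON-RPC jsonParsed encoding (real format) and flags the marker of a durable-nonce transaction, the System Program advanceNonce instruction in first position. The sample message, its public keys and the "expected programs" set are constructed.</p>

```python
"""Added example, not code from Drift or the incident write-up: a pre-signing
check for a Solana transaction in the JSON-RPC `jsonParsed` encoding. A durable
nonce transaction is recognisable because its first instruction is the System
Program's advanceNonce and its recentBlockhash is the stored nonce value rather
than a live blockhash, so the signature never expires. Sample data is constructed."""
import json
from typing import Any, Optional

SYSTEM_PROGRAM = "11111111111111111111111111111111"


def is_durable_nonce_tx(message: dict) -> bool:
    """True when the first instruction advances a nonce account (the protocol's
    marker for a durable-nonce transaction)."""
    ixs = message.get("instructions", [])
    if not ixs:
        return False
    first = ixs[0]
    return (first.get("programId") == SYSTEM_PROGRAM
            and first.get("parsed", {}).get("type") == "advanceNonce")


def nonce_authority(message: dict) -> Optional[str]:
    """Who may advance the nonce, i.e. who decides when the signed tx becomes usable."""
    if not is_durable_nonce_tx(message):
        return None
    return message["instructions"][0]["parsed"]["info"].get("nonceAuthority")


def review(message: dict, expected_programs: set) -> list:
    """Findings a multisig approver should see before signing. A durable nonce is
    legitimate on its own; the point is that the approver knows the signature will
    be held and submitted later by whoever controls the nonce authority."""
    findings = []
    if is_durable_nonce_tx(message):
        findings.append(f"durable nonce: signature will stay valid indefinitely "
                        f"(authority {nonce_authority(message)})")
    for ix in message.get("instructions", []):
        pid = ix.get("programId")
        if pid not in expected_programs | {SYSTEM_PROGRAM}:
            findings.append(f"unexpected program {pid}")
    return findings


# Constructed sample in the shape of getTransaction(..., {"encoding": "jsonParsed"})
# result.transaction.message; the pubkeys are placeholders, not real accounts.
SAMPLE_MESSAGE: dict = json.loads("""{
  "recentBlockhash": "9wD4xR7vQ2hLkPzT1mN8bYcFgJ3sHuV5eKa6ZrXnMoBq",
  "accountKeys": [
    {"pubkey": "Approver111111111111111111111111111111111111", "signer": true, "writable": true},
    {"pubkey": "Nonce1111111111111111111111111111111111111111", "signer": false, "writable": true}
  ],
  "instructions": [
    {"program": "system", "programId": "11111111111111111111111111111111",
     "parsed": {"type": "advanceNonce",
                "info": {"nonceAccount": "Nonce1111111111111111111111111111111111111111",
                         "nonceAuthority": "Attacker11111111111111111111111111111111111",
                         "recentBlockhashesSysvar": "SysvarRecentB1ockHashes11111111111111111111"}}},
    {"programId": "GovPgm1111111111111111111111111111111111111", "accounts": [], "data": "AQID"}
  ]
}""")

if __name__ == "__main__":
    for line in review(SAMPLE_MESSAGE, {"GovPgm1111111111111111111111111111111111111"}):
        print(line)
```

<p>Wire this into whatever surfaces the transaction to the approver (a wallet plugin or a signing bot) so that the durable nonce finding is shown next to the instruction list rather than buried in raw JSON.</p>
</div>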
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F04%2F02%2Ftelehealth-giant-hims-hers-says-its-customer-support-system-was-hacked%2F%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/z-pgAuVdTMTDeit-X6s63JcSCRVI6mwZkgdckdVBrjQ=451">
<span>
<strong>Telehealth giant Hims & Hers says its customer support system was hacked (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Hims & Hers confirmed hackers breached its third-party customer support ticketing system between February 4 and 7 via a social engineering attack. Stolen data includes customer names and email addresses. Medical records were reportedly not touched, and the number of affected users is unknown.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Famazon-bedrock-multiagent-applications%2F%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/ZIhfmhz8B9ekNOyX9UVyNfLFjgYDwoqKSjSIHdBlETg=451">
<span>
<strong>When an Attacker Meets a Group of Agents: Navigating Amazon Bedrock's Multi-Agent Applications (17 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Unit 42 red-teamed Amazon Bedrock's multi-agent collaboration feature and demonstrated a four-stage attack chain against unprotected deployments: operating mode fingerprinting via crafted payloads that probe for the agent_scenarios tag and AgentCommunication__sendMessage() tool, collaborator agent enumeration through social-engineered discovery prompts, mode-specific payload delivery to target sub-agents, and exploitation outcomes including system instruction extraction, tool schema disclosure, and fraudulent tool invocations with attacker-supplied inputs. No Bedrock vulnerabilities were identified. All attacks relied on prompt injection against applications running default templates without guardrails enabled. Enabling Bedrock's built-in pre-processing prompt and prompt-attack Guardrail blocks the demonstrated attack chain. Teams should enforce narrow-agent capability scoping, dual-layer tool-input validation, and least-privilege permissions across all agent-tool integrations.
</span>
</span>
</div>
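<div class="text-block">
<p>One way to implement the "dual-layer tool-input validation" and least-privilege points above, added here as an example; it is not Unit 42's or AWS's code. It is a Bedrock agent action-group Lambda handler in Bedrock's function-details event and response format (real). Layer one checks the shape of what the model asked for; layer two checks authority using sessionAttributes, which the calling application sets and an injected prompt cannot rewrite. The tool name, parameter names, tenant identifiers and account data are assumptions.</p>

```python
"""Added example, not Unit 42's or AWS's code: a Bedrock agent action-group
Lambda handler that does not trust model-supplied tool inputs. Layer 1 checks
shape (allowlisted function names, parameter regex, no extra parameters);
layer 2 checks authority using sessionAttributes set by the calling application,
which an injected prompt cannot rewrite. The event/response shapes are Bedrock's
function-details format; tenant data, tool and parameter names are assumptions."""
import re
from typing import Any, Optional

# Layer 1: what each tool may be called with. Anything else is refused.
TOOL_SCHEMA = {
    "get_account_balance": {"account_id": re.compile(r"^ACC-\d{6}$")},
}

# Stand-in for the data the tool would fetch; constructed sample data.
ACCOUNTS = {
    "ACC-000001": {"tenant": "tenant-a", "balance": "1200.00"},
    "ACC-000002": {"tenant": "tenant-b", "balance": "87.50"},
}


def _params(event: dict) -> dict:
    return {p["name"]: str(p["value"]) for p in event.get("parameters", [])}


def _respond(event: dict, body: str, state: Optional[str] = None) -> dict:
    fr: dict = {"responseBody": {"TEXT": {"body": body}}}
    if state:
        fr["responseState"] = state      # FAILURE tells the agent not to retry the call
    return {
        "messageVersion": "1.0",
        "response": {"actionGroup": event.get("actionGroup"),
                     "function": event.get("function"),
                     "functionResponse": fr},
        "sessionAttributes": event.get("sessionAttributes", {}),
        "promptSessionAttributes": event.get("promptSessionAttributes", {}),
    }


def lambda_handler(event: dict, context: Any = None) -> dict:
    fn = event.get("function")
    schema = TOOL_SCHEMA.get(fn)
    if schema is None:
        return _respond(event, f"unknown tool {fn!r}", "FAILURE")

    params = _params(event)
    for name, pattern in schema.items():
        if name not in params or not pattern.fullmatch(params[name]):
            return _respond(event, f"invalid or missing parameter {name!r}", "FAILURE")
    if set(params) - set(schema):
        return _respond(event, "unexpected parameters", "FAILURE")

    # Layer 2: authority comes from the application session, never from the prompt.
    tenant = event.get("sessionAttributes", {}).get("tenant_id")
    if not tenant:
        return _respond(event, "no authenticated tenant in session", "FAILURE")
    acct = ACCOUNTS.get(params["account_id"])
    if acct is None or acct["tenant"] != tenant:
        # Same answer for "not found" and "not yours": no enumeration oracle.
        return _respond(event, "account not found", "FAILURE")
    return _respond(event, f"balance for {params['account_id']}: {acct['balance']}")


def make_event(function: str, params: dict, tenant: Optional[str]) -> dict:
    """Build a Bedrock function-details invocation event (constructed, for local tests)."""
    ev: dict = {
        "messageVersion": "1.0", "actionGroup": "accounts", "function": function,
        "parameters": [{"name": k, "type": "string", "value": v} for k, v in params.items()],
        "sessionAttributes": {}, "promptSessionAttributes": {},
    }
    if tenant:
        ev["sessionAttributes"]["tenant_id"] = tenant
    return ev


if __name__ == "__main__":
    print(lambda_handler(make_event("get_account_balance", {"account_id": "ACC-000002"}, "tenant-a")))
```

<p>The Lambda's execution role should be scoped to exactly the data this tool reads; the handler then enforces per-tenant access on top, so a sub-agent tricked into calling the tool with another tenant's identifier gets nothing back.</p>
</div>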
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.chainguard.dev%2Funchained%2Fthe-state-of-trusted-open-source-march-2026%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/_7C1qFkP2yZeHlmG_FryceiHXtzUuZ95xY4UL6GSPFM=451">
<span>
<strong>The State of Trusted Open Source: March 2026 (6 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Chainguard analyzed 2,200+ container image projects and 377 unique CVEs from December 2025 through February 2026. Python is used by 72.1% of customers. PostgreSQL jumped 73% quarter-over-quarter, driven by vector search and RAG workloads. Unique CVEs rose 145%, and fix instances grew over 300%, yet median remediation held at 2.0 days, with 97.9% of high-severity CVEs resolved within a week. 96.2% of vulnerabilities sit outside the top 20 images, in the long tail most teams underwatch. 42% of customers now run at least one FIPS image in production, up from none in the top 10 last quarter.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fmandiant%2Fvcsa-hardening-tool%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/wgI0Kn5kgGTFz82QAE1DxZhAzY_EzHOxuc4vQwbhy8E=451">
<span>
<strong>VCSA Hardening & Logging Tool (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
A Bash-based hardening script for VMware vCenter Server Appliance (VCSA) that moves the appliance from its default-permit posture to a default-deny, Zero Trust model: kernel-level iptables micro-segmentation, IP allowlisting on the SSH, 443, and VAMI ports, outbound exfiltration controls, and brute-force rate limiting. Forensic command auditing patches the root shell profile so every executed bash command is forwarded to syslog with full metadata, supporting incident response and tamper detection; because the hook lives in the shell profile, it records interactive root activity but can be disabled by anyone who already has root, so forward the logs off-box. Three selectable security modes (Standard Hardening, Internet Blocking, and Zero Trust) accommodate varying environment constraints, and a --dry-run flag plus a console-accessible rollback procedure reduce lockout risk.
</span>
</span>
</div>
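<div class="text-block">
<p>A small generator for the default-deny posture the description outlines, added here as an example; it is not the VCSA Hardening Tool's own code. It emits the iptables rule set (loopback and established traffic allowed, SSH/443/VAMI reachable only from admin CIDRs, SSH rate-limited, dropped packets logged, everything else dropped) and has a dry-run switch that prints instead of applying. The admin CIDRs and the port set are assumptions; vCenter's own dependencies (DNS, NTP, identity sources, ESXi hosts) are not included and would be blocked unless you add them.</p>

```python
"""Added example, not the VCSA Hardening Tool's code: a generator for the
default-deny iptables posture the tool description outlines, with a dry-run
switch that prints the rules instead of applying them. Ports and the admin
CIDRs are assumptions; check the rules against your own vCenter dependencies
(DNS, NTP, AD, ESXi hosts) before applying, since this set blocks them unless
they are added."""
import ipaddress
import subprocess
from typing import Iterable

ADMIN_PORTS = {"ssh": 22, "https": 443, "vami": 5480}


def build_rules(admin_cidrs: Iterable[str], ssh_burst: int = 4) -> list:
    """Return the rule set as argv lists, in the order they must be applied."""
    # ip_network() rejects malformed input before anything touches the firewall.
    cidrs = [str(ipaddress.ip_network(c, strict=False)) for c in admin_cidrs]
    r: list = []
    # Flush INPUT, then default-deny. Outbound is left alone here; tighten separately.
    r += [["iptables", "-F", "INPUT"], ["iptables", "-P", "INPUT", "DROP"]]
    r.append(["iptables", "-A", "INPUT", "-i", "lo", "-j", "ACCEPT"])
    r.append(["iptables", "-A", "INPUT", "-m", "conntrack", "--ctstate",
              "ESTABLISHED,RELATED", "-j", "ACCEPT"])
    for cidr in cidrs:
        ssh = str(ADMIN_PORTS["ssh"])
        # SSH brute-force limit: more than ssh_burst new connections per minute
        # from one source are dropped; the matching ACCEPT below handles the rest.
        r.append(["iptables", "-A", "INPUT", "-p", "tcp", "-s", cidr, "--dport", ssh,
                  "-m", "conntrack", "--ctstate", "NEW", "-m", "recent", "--set", "--name", "SSH"])
        r.append(["iptables", "-A", "INPUT", "-p", "tcp", "-s", cidr, "--dport", ssh,
                  "-m", "conntrack", "--ctstate", "NEW", "-m", "recent", "--update",
                  "--seconds", "60", "--hitcount", str(ssh_burst + 1), "--name", "SSH", "-j", "DROP"])
        for port in ADMIN_PORTS.values():
            r.append(["iptables", "-A", "INPUT", "-p", "tcp", "-s", cidr,
                      "--dport", str(port), "-j", "ACCEPT"])
    # Log what the policy drops (rate-limited) so lockouts and probes show up in syslog.
    r.append(["iptables", "-A", "INPUT", "-m", "limit", "--limit", "5/min", "-j", "LOG",
              "--log-prefix", "VCSA-DROP: "])
    return r


def apply_rules(rules: list, dry_run: bool = True) -> list:
    """Print (dry run) or execute the rules; returns the command lines either way."""
    lines = [" ".join(rule) for rule in rules]
    for rule, line in zip(rules, lines):
        if dry_run:
            print(line)
        else:
            subprocess.run(rule, check=True)
    return lines


if __name__ == "__main__":
    apply_rules(build_rules(["10.10.0.0/24", "192.168.50.7"]), dry_run=True)
```

<p>Run the dry run first from a console session, not over SSH, and keep that console open while applying for real: the default-deny policy takes effect at the second rule, before any ACCEPT exists.</p>
</div>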
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FGalvnyz%2FM365-Assess%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/6MfdohnSw6IQLH1whSxNZICa_UjhcJyDXHlALuFwMMQ=451">
<span>
<strong>M365-Assess (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
This read-only PowerShell 7 framework performs 169 automated security checks across Microsoft 365 surfaces, including Identity, Exchange Online, Intune, Defender, SharePoint, and Teams, producing outputs in CSV, HTML, and XLSX compliance-matrix formats aligned with 14 frameworks, such as CIS and CISA SCuBA. Currently at version 0.9.7, it features Continuous Integration (CI) and PSScriptAnalyzer linting, but it is still in pre-1.0 status and maintained by a single human, with contributions from Claude and Copilot.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.variance.com%2F%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/jOOfmCXGbUD3xr2kRQiudJrpGOLZbS2K2u8KJJQOSak=451">
<span>
<strong>Variance (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Variance runs autonomous agents that handle fraud detection, risk investigations, and compliance workflows like KYC, KYB, AML, transaction monitoring, and customer due diligence for financial institutions and large enterprises, using a unified data model and broad external data sources.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F8ZEFP6/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/h2PGG7W3L6u0S2CigEgD7k7LbFzDK2Hgu5nkq8365SM=451">
<span>
<strong>Device code phishing attacks surge 37x as new kits spread online (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Device code phishing abuses the OAuth 2.0 Device Authorization Grant (RFC 8628): the victim is lured into entering an attacker-generated device code on the legitimate login page and completes MFA there, so the attacker receives access and refresh tokens that already satisfy MFA without ever touching the victim's credentials. The technique grew 37.5x in 2026, largely driven by the EvilTokens PhaaS kit, which packages it for low-skilled actors. Push Security cataloged at least 11 competing kits, including VENOM, DOCUPOLL, and LINKID, all using SaaS-themed lures, anti-bot gates, and cloud-hosted infrastructure to evade detection. The proliferation signals a structural shift toward token-based account takeover that sidesteps MFA, which puts identity detection controls and Conditional Access hardening (such as blocking the device code flow where it is not needed) at the center of the defensive response.
</span>
</span>
</div>
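<div class="text-block">
<p>The two defensive pieces named above, detection and Conditional Access hardening, as an added example; this is not Push Security's code. detect_device_code() runs over Entra ID sign-in log records (the authenticationProtocol, status and ipAddress fields are Entra's) and flags successful deviceCode sign-ins, rating them higher when the source IP is off the corporate ranges or the user has never used the flow. block_policy() returns the Microsoft Graph conditionalAccessPolicy body that blocks the device code flow for everyone except a break-glass group. The log records, corporate IP ranges, expected users and group ID are constructed.</p>

```python
"""Added example (not from Push Security's report): detection over Entra ID
sign-in log records plus the Conditional Access policy that blocks the device
code flow. Field names follow Graph's signIn and conditionalAccessPolicy
resources; the records, IP ranges, user list and group ID are constructed."""
import ipaddress
import json
from typing import Iterable

CORP_RANGES = [ipaddress.ip_network("203.0.113.0/24")]   # assumed corporate egress
EXPECTED_DEVICE_CODE_USERS = {"kiosk-svc@example.com"}  # assumed legitimate users of the flow


def detect_device_code(records: Iterable[dict]) -> list:
    """Alert on successful device-code sign-ins; severity rises when the IP is off
    the corporate ranges and the user has no business using the flow."""
    alerts = []
    for r in records:
        if r.get("authenticationProtocol") != "deviceCode":
            continue
        if r.get("status", {}).get("errorCode", 0) != 0:
            continue                     # failed attempt: the attacker got no token
        ip = ipaddress.ip_address(r["ipAddress"])
        off_net = not any(ip in n for n in CORP_RANGES)
        first_time = r["userPrincipalName"] not in EXPECTED_DEVICE_CODE_USERS
        severity = "high" if off_net and first_time else "medium" if off_net or first_time else "low"
        alerts.append({
            "user": r["userPrincipalName"], "app": r.get("appDisplayName"),
            "ip": str(ip), "time": r.get("createdDateTime"), "severity": severity,
            # A phished refresh token survives a password reset; sessions must be revoked.
            "action": ("revoke sign-in sessions, then review app consents and mailbox rules"
                       if severity == "high" else "confirm with the user"),
        })
    return alerts


def block_policy(break_glass_group_id: str, enforce: bool = False) -> dict:
    """Graph conditionalAccessPolicy body: block the device code flow for all users
    and apps, excluding one group. Start in report-only to see who would be hit."""
    return {
        "displayName": "Block device code flow",
        "state": "enabled" if enforce else "enabledForReportingButNotEnforced",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeGroups": [break_glass_group_id]},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    }


# Constructed sign-in records in the shape of Graph's /auditLogs/signIns.
SAMPLE_SIGNINS: list = json.loads("""[
 {"createdDateTime": "2026-04-02T09:14:03Z", "userPrincipalName": "ana@example.com",
  "appDisplayName": "Microsoft Office", "ipAddress": "198.51.100.23",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 0}},
 {"createdDateTime": "2026-04-02T09:20:11Z", "userPrincipalName": "kiosk-svc@example.com",
  "appDisplayName": "Microsoft Teams", "ipAddress": "203.0.113.40",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 0}},
 {"createdDateTime": "2026-04-02T09:31:57Z", "userPrincipalName": "bo@example.com",
  "appDisplayName": "Outlook", "ipAddress": "203.0.113.41",
  "authenticationProtocol": "oAuth2", "status": {"errorCode": 0}},
 {"createdDateTime": "2026-04-02T09:40:00Z", "userPrincipalName": "cy@example.com",
  "appDisplayName": "Microsoft Office", "ipAddress": "198.51.100.99",
  "authenticationProtocol": "deviceCode", "status": {"errorCode": 50126}}
]""")

if __name__ == "__main__":
    for a in detect_device_code(SAMPLE_SIGNINS):
        print(a)
    print(json.dumps(block_policy("00000000-0000-0000-0000-000000000000"), indent=2))
```

<p>Deploy the policy in report-only mode first; the sign-ins it would have blocked show up in the logs with the policy name, which doubles as a free inventory of who actually depends on the device code flow.</p>
</div>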
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FRJ8zef/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/gmPWqyeOQcB-bi6qnTzZq9BBJ1tT-CAtaVIEZpFmBf4=451">
<span>
<strong>Inconsistent Privacy Labels Don't Tell Users What They Are Getting (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Apple and Google launched app privacy labels in 2020, but a Carnegie Mellon CyLab study found widespread inaccuracies, mostly due to developer misunderstandings. The two platforms define data collection differently: Google counts any data transmitted off-device, whereas Apple counts it only if it is also stored. Labels go unverified, with no tools to help developers get them right. Researchers are calling for standardized definitions, better placement in app store listings, and automated verification tools.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fonecloudplease.com%2Fblog%2Fbucketsquatting-is-finally-dead%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/Mf_IPZZgQiuyebfxw33kOYJ1hFCKhS6BDhO1-vFOkps=451">
<span>
<strong>Bucketsquatting is (Finally) Dead (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Bucketsquatting has plagued S3 since 2019: an attacker creates a bucket whose name an organization previously used, or that follows its predictable naming convention, and inherits whatever still references that name. AWS has now introduced an "account namespace" that binds a bucket name to the owning account. Administrators can require that new buckets be created this way via SCPs using the s3:x-amz-bucket-namespace condition key.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fsecuring-ai-agents-101%3Futm_source=tldr-infosec%26utm_medium=paid-email%26utm_campaign=FY26Q3_INB_FORM_Securing-AI-Agents-101%26sfcid=701Py00000RTEWMIA5%26utm_term=FY27Q1-tldr-infosec-quicklinks%26utm_content=AI-Agents-101/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/KlTrQzTYIF_7uSFncePfEt54ZglwmrinH751gkS6q7M=451">
<span>
<strong>Wiz Security Flashcard: Securing AI Agents (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Use this one-page resource as a quick reference guide to understand what AI agents are, how they operate, and where key security considerations show up. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.wiz.io%2Flp%2Fsecuring-ai-agents-101%3Futm_source=tldr-infosec%26utm_medium=paid-email%26utm_campaign=FY26Q3_INB_FORM_Securing-AI-Agents-101%26sfcid=701Py00000RTEWMIA5%26utm_term=FY27Q1-tldr-infosec-quicklinks%26utm_content=AI-Agents-101/2/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/JLDG3sF_kIKbKdtvexT7vy2nTd3v8CCqKU1xZ6KqW58=451" rel="noopener noreferrer nofollow" target="_blank"><span>Download the security flashcard</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsecurityaffairs.com%2F190348%2Fcyber-crime%2Fqilin-ransomware-group-claims-the-hack-of-german-political-party-die-linke.html%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/dWEYq9PA-LhY5DyrxlEFvY81v64vlKPMsZkbA8mOu-A=451">
<span>
<strong>Qilin ransomware group claims the hack of German political party Die Linke (1 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Qilin added Germany's Die Linke to its Tor leak site on April 1.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FxL9exC/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/bdoypr-yKQL7sCGwdOgDwhIS-k5qeAcmFeyX7arZcU4=451">
<span>
<strong>LinkedIn secretly scans for 6,000+ Chrome extensions, collects data (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
LinkedIn's site was found injecting a hidden JavaScript fingerprinting script that probes for 6,236 Chrome extensions by extension ID and harvests device metadata, linking results to authenticated user profiles.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhackread.com%2Ffake-chatgpt-ad-blocker-chrome-extension-spy-users%2F%3Futm_source=tldrinfosec/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/ElXFNpbeqTGBp0HHW9JKVD_Dn1AHrxDhyduG6KtzVnE=451">
<span>
<strong>Fake ChatGPT Ad Blocker Chrome Extension Caught Spying on Users (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
DomainTools identified a malicious Chrome extension posing as a ChatGPT ad blocker that cloned the DOM to extract conversations longer than 150 characters and exfiltrated them via a Discord webhook to a bot named "Captain Hook."
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/63ZVp74WU8r_iUshEqoI-whefHiyrNEth-YB0mjECjY=451"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/qQSmVdHzAAL96xvKDY6qlJvaXPVTsHVURm60vbWU6IM=451"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019d63015f49-09f05fdc-9bce-4717-8e2b-49d11ba8b27f-000000/IWJhPSc7ew42EtqIo94FU5j-8lFAZy2d8qJYEL3oNAA=451"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>