Email Content

<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
			:root {
				color-scheme: light dark; supported-color-schemes: light dark;
			}
			
			*,
			*:after,
			*:before {
				-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
			}
			
			* {
				-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
			}
			
			html,
			body,
			.document {
				width: 100% !important; height: 100% !important; margin: 0; padding: 0;
			}
			
			body {
				-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
			}
			
			div[style*="margin: 16px 0"] {
				margin: 0 !important;
			}
			
			table,
			td {
				mso-table-lspace: 0pt; mso-table-rspace: 0pt;
			}
			
			table {
				border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
			}
			
			img {
				-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
			}
			
			*[x-apple-data-detectors] {
				color: inherit !important; text-decoration: none !important;
			}
			
			.x-gmail-data-detectors,
			.x-gmail-data-detectors *,
			.aBn {
				border-bottom: 0 !important; cursor: default !important;
			}
			
			.btn {
				-webkit-transition: all 200ms ease; transition: all 200ms ease;
			}
			
			.btn:hover {
				background-color: #f67575; border-color: #f67575;
			}
			
			* {
				font-family: Arial, Helvetica, sans-serif; font-size: 18px;
			}
			
			@media screen and (max-width: 600px) {
				.container {
					width: 100%; margin: auto;
				}
				.stack {
					display: block!important; width: 100%!important; max-width: 100%!important;
				}
				.btn {
					display: block; width: 100%; text-align: center;
				}
			}
			
			body,
			p,
			td,
			tr,
			.body,
			table,
			h1,
			h2,
			h3,
			h4,
			h5,
			h6,
			div,
			span {
				background-color: #FEFEFE !important; color: #010101 !important;
			}
			
			@media (prefers-color-scheme: dark) {
				body,
				p,
				td,
				tr,
				.body,
				table,
				h1,
				h2,
				h3,
				h4,
				h5,
				h6,
				div,
				span {
					background-color: #27292D !important; color: #FEFEFE !important;
				}
			}
			
			a {
				color: inherit !important; text-decoration: underline !important;
			}

		</style><!--[if mso | ie]>
		<style type="text/css">
			a {
				background-color: #FEFEFE !important; color: #010101 !important;
			}
			@media (prefers-color-scheme: dark) {
				a {
					background-color: #27292D !important; color: #FEFEFE !important;
				}
			}
	 </style>
			<![endif]--></head><body class="">



<div style="display: none; max-height: 0px; overflow: hidden;">Unknown threat actors breached cpuid.com for roughly 19 hours (April 9–10) via a compromised side API, replacing CPU-Z and HWMonitor download URLs ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌  ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ ‌ </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>

<table align="center" class="document"><tbody><tr><td valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">

<table width="100%"><tbody><tr><td class="container">



<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/EDQjCfrKO4cb0TVUC2CWIQnjhkRvbBS1AXQggBRkr_Q=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/DKj__SjAvfRs0Xh2qoYbdiDFEitRhVDVwYmEgxXzk1s=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=cc3bf24e-37d2-11f1-bd70-e739e5eb8a99%26pt=campaign%26t=1776172149%26s=162fb4351bffde7fe12ae3272e20cb96141ced411edacb222d2c5a3a077eae2f/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/iSLEqyQIMDF91TDw-IT8qfU1UBX5qlkJj9qZZTSQynE=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>

<br>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.herodevs.com%2Feol-dataset%2Foverview%3Futm_source=newsletter%26utm_medium=paid-sponsorship%26utm_campaign=2026q2_eolds-launch%26utm_content=tldr-infosec_primary_20260414_v1/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/47LfriC9rtMfM5J0SSjgE1M7sdy2LRp_EIuBCmr3T4o=452"><img src="https://images.tldr.tech/herodevs.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="HeroDevs"></a></td></tr></tbody></table>


<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">

<h1><strong>TLDR Information Security <span id="date">2026-04-14</span></strong></h1>
</div>
</td></tr></tbody></table>

<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.herodevs.com%2Feol-dataset%2Foverview%3Futm_source=newsletter%26utm_medium=paid-sponsorship%26utm_campaign=2026q2_eolds-launch%26utm_content=tldr-infosec_primary_20260414_v1/2/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/rAz671r3NegZQ7YUyZNJHTxXRe5iv6xjrdbaeERKnzs=452">
                                    <span>
                                        <strong>Your SCA Can't Track What's Dead. (Sponsor)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    93% of end-of-life risk in enterprise codebases comes from transitive dependencies. Packages your team never directly installed. Your scanner flags CVEs. It doesn't tell you the maintainer stopped patching three years ago.<p></p><p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.herodevs.com%2Feol-dataset%2Foverview%3Futm_source=newsletter%26utm_medium=paid-sponsorship%26utm_campaign=2026q2_eolds-launch%26utm_content=tldr-infosec_primary_20260414_v1/3/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/v_8r4j2BDgMcbRZ0ApfQVG1f57AvsyxvhxzmzwB8f_E=452" rel="noopener noreferrer nofollow" target="_blank"><span>HeroDevs' EOL Dataset</span></a> checks lifecycle status across <strong>12M+ package versions</strong>, surfaces what your SCA missed, and maps findings to PCI-DSS, SOC 2, and CRA compliance requirements.</p>

<p>Free to scan. No agents. No code changes.</p>

<p><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.herodevs.com%2Feol-dataset%2Foverview%3Futm_source=newsletter%26utm_medium=paid-sponsorship%26utm_campaign=2026q2_eolds-launch%26utm_content=tldr-infosec_primary_20260414_v1/4/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/myigy0gFmt5Z6x9z28vJDz5CvbMMSAGOkjlxYWtkZdw=452" rel="noopener noreferrer nofollow" target="_blank"><span>Get Your Free EOL Risk Report</span></a>


</p>
</span></span></div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">

<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>

<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Fuj11Hu/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/0quhYcjzw66_NT6FsMuU3MhTac5zCorXfG11qw9hItM=452">
                                    <span>
                                        <strong>Fake Claude Website Distributes PlugX RAT (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    A threat actor set up a typosquatted Anthropic domain serving a trojanized MSI installer that silently deploys PlugX alongside the legitimate Claude application via DLL sideloading via a signed G DATA binary (NOVUpdate.exe), and beacons to C2 infrastructure on Alibaba Cloud. The VBScript dropper persists in the startup folder and self-deletes to minimize forensic artifacts, while error suppression prevents victim-visible alerts during deployment. Block unsigned DLL loads from startup directories, hunt for NOVUpdate.exe spawning network connections, and enforce application allowlisting to prevent trojanized AI tool installers from executing.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FibitPr/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/72s2ijoK2Jpih0JUNClV-B3i2ax1plWPkPV5dCsnnPc=452">
                                    <span>
                                        <strong>CPUID Breach Distributes STX RAT via Trojanized CPU-Z and HWMonitor Downloads (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Unknown threat actors breached cpuid.com for roughly 19 hours (April 9–10) via a compromised side API, replacing CPU-Z and HWMonitor download URLs with links to malicious sites serving trojanized installers that bundled CRYPTBASE.dll for DLL sideloading. The malicious DLL performed anti-sandbox checks before deploying STX RAT, an HVNC-capable infostealer supporting in-memory EXE/DLL/PowerShell/shellcode execution and reverse-proxy tunneling, using C2 infrastructure reused from a prior trojanized FileZilla campaign. Kaspersky identified 150+ victims across Brazil, Russia, and China.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthenextweb.com%2Fnews%2Fbasic-fit-hit-by-hack-affecting-members-across-multiple-countries-including-200000-in-the-netherlands%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/rcW1ABanj4RY1GDuYh_6szcyru4entkqny6FE8d6UAs=452">
                                    <span>
                                        <strong>Basic-Fit hit by hack affecting members across multiple countries, including 200,000 in the Netherlands (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Basic-Fit detected unauthorized access to its club check-in system, which logs member visits across seven European countries. Attackers accessed personal and membership data, including names, contact details, dates of birth, and bank account numbers, but not passwords or ID documents. Around 200,000 Dutch members are affected, and the regulator has been notified, raising the risk of SEPA direct debit fraud and targeted phishing.
                                </span>
</span>
</div>
</td></tr></tbody></table>

</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">

<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>


<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsemgrep.dev%2Fresources%2Fremediation-at-scale-ungated%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/ntwCiLzrU23nDJGN7BnGhr4I5HaGmIgOdJbo91F2Oo4=452">
                                    <span>
                                        <strong>Remediation at Scale: What High-Performing AppSec Teams Do Differently (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Semgrep analyzed anonymized SAST and SCA remediation data from 400+ organizations across 50,000+ repositories, finding that top-performing teams achieve 2.4x higher SAST and 3.3x higher SCA fix rates than peers, with PR-stage detection driving 9x faster Mean Time To Recovery (MTTR) than findings caught in full scans. Authentication and cryptographic failures show the widest performance gaps between leaders and the field, and findings older than 90 days rarely resolve through normal workflow. Prioritize blocking rules at PR review, enable SCA reachability analysis, and triage authentication/crypto findings before the 90-day threshold. The full benchmark data is available as a PDF linked on the page.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwords.filippo.io%2Fcrqc-timeline%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/GUEWoAZnXhhkB5oebge4mgn5WNd_61YfmqKlwBI_ETs=452">
                                    <span>
                                        <strong>A Cryptography Engineer's Perspective on Quantum Computing Timelines (12 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Cryptography engineer Filippo Valsorda updated his post-quantum stance after two papers targeting different quantum architectures: a Google paper reducing the qubit count to break 256-bit elliptic curves on superconducting hardware, and an Oratomic paper showing ECC-256 falls with as few as 10,000 physical qubits on neutral-atom non-local connectivity. With Google's Heather Adkins and Sophie Schmieg placing the CRQC deadline at 2029, Valsorda argues the risk now mandates immediate ML-KEM and ML-DSA-44 deployment over hybrid schemes, with any non-PQ key exchange treated as a potential active compromise. TEEs (Intel SGX, AMD SEV-SNP) are flagged as especially exposed, given no known PQ root-of-trust migration path, while file-encryption deployments face store-now-decrypt-later risk requiring urgent PQ recipient rollout.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.chrisfarris.com%2Fpost%2Fdr_strangeclaw%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/XcmrscbDx_GufzO24WOnUuY1XLO1SPhyweOVdoUDBN4=452">
                                    <span>
                                        <strong>Dr. StrangeClaw or: How I Learned to Stop Worrying and Love AI (4 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Agentic AI should be treated as a discrete employee and granted the privileges and controls that a human employee would have. Issues such as AI exfiltrating secrets, privilege creep, and hallucinations are problems with equivalents in the insider threat management sphere.
                                </span>
</span>
</div>
</td></tr></tbody></table>

</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">

<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>

<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fobdev.at%2Fproducts%2Flittlesnitch-linux%2Findex.html%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/0kaCHKElpavGxPzh6jJdW-9CUagS2Twr3_SB4DIu9fY=452">
                                    <span>
                                        <strong>Little Snitch for Linux (Product Launch)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Objective Development launched a Linux port of the popular macOS egress firewall, using an eBPF kernel program to intercept outgoing connections and surface per-process traffic visibility via a local web UI with blocklist and custom rule support. The tool targets privacy monitoring over adversarial hardening as eBPF's storage and complexity constraints mean packet-to-process attribution under heavy traffic relies on heuristics, and hostname-to-IP mapping lacks the deep packet inspection accuracy of the macOS version. The eBPF program and web UI are GPL-2.0 with source on GitHub. The daemon is proprietary but free to use, and requires kernel 6.12–6.19.0 with BTF support.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fmesh.security%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/wwLNsjvJtrjssN24UnfsGTNVgrycosvP00V5csEZxoM=452">
                                    <span>
                                        <strong>Mesh Security (Product Launch)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Mesh Security offers a CSMA execution layer that sits above existing security tools, unifying context and control across business units and environments and coordinating automated, system-level actions to close exposure without replacing current products.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.praetorian.com%2Fblog%2Fvespasian-api-endpoint-discovery-tool%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/I2o752obZ9A2aa1iG8sktSzAJEfwe0LOMmPqbODKeVs=452">
                                    <span>
                                        <strong>Meet Vespasian. It Sees What Static Analysis Can't (11 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Vespasian is an open-source API endpoint discovery tool that captures live HTTP traffic via headless browser or existing Burp Suite, HAR, and mitmproxy captures, then generates structured specifications: OpenAPI 3.0 for REST, GraphQL SDL, and WSDL for SOAP. Its two-stage pipeline separates capture from generation, with confidence-scored heuristics for API type classification, path normalization with parameterized deduplication, and a tiered GraphQL introspection strategy that includes WAF bypass fallbacks. Vespasian integrates directly with Praetorian's Hadrian for automated BOLA/BFLA testing, forming a complete discover-then-test pipeline with no manual spec creation required.
                                </span>
</span>
</div>
</td></tr></tbody></table>

</td></tr></tbody></table>


<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>

<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F04%2F11%2Fhungary_government_logins_breach%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/V5fmPv8pvC8QirPCQU4sERuJRz9ruI8oPt_fbMUYDCw=452">
                                    <span>
                                        <strong>Hungary officials used weak passwords exposed in breach dump (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Bellingcat linked nearly 800 Hungarian government email-password pairs to public breach data, including about 120 defense-related accounts, some tied to a 2023 NATO eLearning breach. Officials reused weak passwords like “FrankLampard,” “123456aA,” and “linkedinlinkedin” across third-party services. Stealer logs from recent months suggest several government machines now sit in attacker telemetry.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F04%2F09%2Fhacker-stole-700000-from-u-k-energy-company-by-redirecting-payment%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/K8fdxpEKzawj0Ttb0sGkpUmG90FPyQj1lundxQTeG5M=452">
                                    <span>
                                        <strong>Hacker stole £700,000 from UK energy company by redirecting payment (1 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    A hacker diverted a £700,000 payment from Zephyr Energy's US subsidiary into a fraudulent bank account by interfering with a contractor payment process, likely via business email compromise tactics such as altering bank and routing details in invoicing workflows. Zephyr reports the incident as contained, says operations continue, and is adding extra security layers while trying to claw back the funds through involved banks.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.blog%2Fnews-insights%2Fcompany-news%2Faddressing-githubs-recent-availability-issues-2%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/M-I4B_hF9Sxn3lJoMAP7-HD_YIv-4h7Gp5MfofZqzrQ=452">
                                    <span>
                                        <strong>Addressing GitHub's Recent Availability Issues (7 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Between February and March, GitHub experienced several major incidents that dropped the company below its availability standards. GitHub's CTO broke down three of the major incidents, one involving a database becoming overloaded and two involving failover solutions that were insufficient or didn't function properly. Moving forward, GitHub is taking on several efforts to increase the platform's stability as well as increasing its scalability by migrating to Azure and decoupling critical components.
                                </span>
</span>
</div>
</td></tr></tbody></table>

</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">

<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>

<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2F2026%2F04%2F13%2Flinux_kernel_7_releaseed%2F%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/ubcxBD-AnrY_NMcbifVisEicgpFqwF9SwF5HxCNL08c=452">
                                    <span>
                                        <strong>Linux 7.0 debuts as Linus Torvalds ponders AI's bug-finding powers and their impact on release process (1 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Linux kernel 7.0 shipped with official Rust support, self-healing XFS, and expanded ARM/RISC-V/Loongson and AMD EPYC 5 KVM improvements, as Torvalds flagged AI tooling as a likely driver of the uptick in late-cycle corner-case fixes.
                                </span>
</span>
</div>
</td></tr></tbody></table>

<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
                                <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bbc.com%2Fnews%2Farticles%2Fcx2dg5g1le7o%3Futm_source=tldrinfosec/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/xsr_LM8hto8Mk2KBV8EiJJ4iOCeg_yuT8xgppAuk8bE=452">
                                    <span>
                                        <strong>GTA-maker Rockstar Games hacked again but downplays impact (2 minute read)</strong>
                                    </span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
                                    Hackers calling themselves ShinyHunters say they accessed Rockstar data via a third-party cloud provider and tried to extort a ransom by threatening to leak it.
                                </span>
</span>
</div>
</td></tr></tbody></table>

</td></tr></tbody></table>



<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">

<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/mmOvHWlvytZ0cayEWpFX7XWJ7q2epU0JScULE7XdtiU=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/glBkObFMLbF5_nR3aU2xpllXWLceDf7eLnnOhXPY2hE=452" style="font-size: 16px; line-height: 1.6;  padding: 10px 0; display: inline-block;  text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>




<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">

<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? 📰
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/WFIFAcz3fbsfVAsvnx9taUT7Lx5JO9Wl2J9soJuCohM=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>

<!-- New "Want to work at TLDR?" section -->

<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? 💼
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/PYGeqzoWCMwyt2GHxSFjr3I1GNuweP83snlCrpU6sDw=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/9V5ht1nvnt1XtEnWu4AT5h2FB0BB8gfKpIjjuL_vitM=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/R2tRFUpw6f57Vrtqq_JFonYcsJgjP8B0BbdOjA4qdEY=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>

<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/lvKJkaJb8M22H7cDfgx3b30S0wJsLJeEVwkxZR3WPGI=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/cp8-ii79B_rsuAON5nXm6a8i_zbLCWyrCGfn-uviVL4=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/6iOx7w7PIzNiEQ0UI0gJ8PeUuGvPVKBxTS0x8r24Ipk=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>

<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/5GPxDV7fzmo-f-zuc9pPbuY5UdhebnCZpq2PrxFpNhs=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=cc3bf24e-37d2-11f1-bd70-e739e5eb8a99%26pt=campaign%26pv=4%26spa=1776171785%26t=1776172149%26s=f7259ae353433b1c7e9b1c9437b505e4aa3e833b4c44a29a3ffc6dbb95d9cb93/1/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/wEfAgHClUx32sZBUrpahiNOUSXooy9SPotKns9jSiwE=452">unsubscribe</a>.
<br>

</div>
</td></tr></tbody></table>

</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>



<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019d8c1c2c14-d8001f1c-cc64-4340-8f81-adaf333ba4ad-000000/mAS_S8xKDUw2etyBLIQpJbkOnXNRF0WS2rIzeSeurVM=452" style="display: none; width: 1px; height: 1px;">
</body></html>