<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-06-04</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4180218%2Ftwo-year-old-oracle-weblogic-server-vulnerability-is-being-exploited.html%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/fcXv2vOszWf-SJe9ow3f5pUprWwFueL_rT7mCcujfqo=452">
<span>
<strong>Two-year old Oracle WebLogic Server vulnerability is being exploited (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
CISA added CVE-2024-21182, a CVSS 7.3 Oracle WebLogic Server flaw that lets an unauthenticated attacker access critical data, to its Known Exploited Vulnerabilities catalog on Monday, confirming active exploitation and giving federal admins until Thursday to patch affected versions 12.2.1.4.0 and 14.1.1.0.0. The bug was fixed in Oracle's July 2024 Critical Patch Update, and researchers note that its late KEV addition fits a pattern in which more than 40 percent of catalog entries are listed two or more years after release, often catching organizations that patch slowly. Given an average 60-day patch window against attackers who weaponize exploits within hours or days, admins should treat this as a now-priority fix and not wait, as the moderate CVSS score understates real-world risk.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblog.calif.io%2Fp%2Fcodex-discovered-a-hidden-http2-bomb%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/M4sUJQA0nMKsz2mQAKi4ZD9ZI0GLgc4FKTpfZnBgTqQ=452">
<span>
<strong>Codex Discovered a Hidden HTTP/2 Bomb (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Calif disclosed HTTP/2 Bomb, a remote denial-of-service attack, discovered by OpenAI's Codex, against nginx, Apache httpd, Microsoft IIS, Envoy, and Cloudflare Pingora in their default HTTP/2 configurations. It chains two decade-old techniques: an HPACK indexed-reference bomb, where each 1-byte reference forces 70 to 4,000 bytes of server allocation, and a zero-byte flow-control window stall that pins that memory in place, letting a single client hold roughly 32GB on Apache httpd or Envoy in about 20 seconds (assigned CVE-2026-49975 for Apache). The deeper lesson is editorial as much as technical: RFC 7541 framed HPACK memory risk purely as an amplification ratio while ignoring that HTTP/2 lets a client pin allocations cheaply, so five independent implementations read the same guidance and shipped the same bug class. Defenders should upgrade nginx to 1.29.8+ for the max_headers directive, apply Apache's mod_http2 v2.0.41 fix, disable HTTP/2 where no patch exists for IIS, Envoy, and Pingora, and cap per-worker memory so a bombed process is OOM-killed before dragging the host into swap.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FsFULfR/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/UMngZifgFY_PNyhNWx5PLxOZDSRzaYt18I79mfU-NuQ=452">
<span>
<strong>Data of 600K Gaza Households Exposed in WFP Cyber Attack (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The World Food Program announced that it is investigating a data breach involving 600,000 households in Gaza. The data was exposed via a breach of its self-registration application (SRA) that was used for Palestinians in Gaza. An anonymous whistleblower flagged that the organization waited two weeks to notify impacted individuals via Telegram.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Funit42.paloaltonetworks.com%2Fflutterbridge-new-fluttershell-backdoor%2F%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/ikYeOCQ2CX0FtHc99N6SvOQdCfPLD_7oJo74Bjzgqdg=452">
<span>
<strong>Operation FlutterBridge: macOS Malvertising Campaign Spreads New FlutterShell Backdoor (14 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Unit 42 tracked Operation FlutterBridge, a financially motivated campaign that distributes the FlutterShell macOS backdoor via hundreds of Google-verified ads by shell companies (AdsParkPro LTD, Advantage Web Marketing LLC, and SOFT WE ART LIMITED). It uses notarized payloads such as PodcastsLounge, PDF-Brain, and PDF-Ninja, which have zero VirusTotal detections. FlutterShell stores logic off-binary in a WebView via a JavaScript-to-native bridge (flutterInvoke), fetching commands from /getConfig and /getUpdateThanksConfig for runtime behavior changes, fingerprints hosts via IOPlatformUUID, rewrites Chrome Secure Preferences to hijack search through sinterfumesco[.]com, abuses Sparkle for silent updates, and in later variants routes documents through /summarize-text, exfiltrating content under the guise of AI summarization. Defenders should hunt the C2 domains atsheisdomestic[.]org, etoftheappyrince[.]org, and healightejustb[.]org, plus the SHA256 hashes, flag killall "Google Chrome" relaunches with --hide-crash-restore-bubble and --disable-session-crashed-bubble, and treat valid Apple notarization as no guarantee of safety despite passing review.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.utoronto.ca%2Fnews%2Fu-t-researchers-demonstrate-ai-worm-could-target-any-online-device%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/pmA-azh5WzpEtwitg2DH-s9DhkRXMdN0eRp2gABu4po=452">
<span>
<strong>University of Toronto Researchers Demonstrate AI Worm Could Target Any Online Device (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
While much of the conversation around AI security is currently focused on larger models such as Claude Mythos, researchers from the University of Toronto have demonstrated that an AI worm built using a single-GPU, open-weight model could also compromise a network. While the worm cannot discover unknown vulnerabilities, it can search for disclosed vulnerabilities and adapt to move around a network that is not fully patched. When the worm infects a machine, it also hijacks compute resources to power its reasoning and becomes more capable as it spreads.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fdistil-labs%2Fdistil-ai-slop-detector%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/1SPyszRCZNM2v7PMZkbLD4TNPyzPAmxVfRIHT497qKI=452">
<span>
<strong>AI Slop Detector (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
AI Slop Detector is a Chrome extension that runs a LoRA-tuned, Q4-quantized Gemma 3 270M model (~242 MB) locally via Wllama for fully offline, no-data-leakage classification of text as ai_generated or human_written. Its headline claim of matching a 120B teacher at 100% accuracy rests on a tiny self-built test set, and accuracy drops to a self-reported ~88 to ~92 percent on real-world emails and Reddit comments, so treat the benchmarks as vendor marketing rather than independent validation.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fangr%2Fangr%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/pOMSBTULFIGDPsTopnzd_o7o7gOLABU7LvyzrPY-pnc=452">
<span>
<strong>angr (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
angr is a platform-agnostic binary analysis framework that provides a suite of Python 3 libraries for binary analysis.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fjuanfont%2Fheadscale%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/3LjbnpyNFR8hoXclnm3wfS_TpxC5J4_WbF7hx-BcGTA=452">
<span>
<strong>Headscale (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Headscale is an open source, self-hosted implementation of the Tailscale control server.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.csoonline.com%2Farticle%2F4180265%2Fanthropic-grants-project-glasswing-access-to-150-more-companies-with-a-focus-on-critical-infrastructure.html%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/7hlCtlbgaiaJ3B9tFdSkHDhuLJpnUMnYxPdb1MLNibw=452">
<span>
<strong>Anthropic grants Project Glasswing access to 150 more companies, with a focus on critical infrastructure (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Anthropic expanded its Project Glasswing AI vulnerability-hunting initiative to 150 additional companies, concentrating on critical infrastructure across power, water, healthcare, communications, and hardware, where it estimates a successful codebase attack could affect more than 100 million people per partner. Analysts welcomed the wider net for bug discovery but warned that the real constraint sits downstream, since vendors and SOCs already struggle to validate, prioritize, and patch known issues, so a 10x or 100x jump in findings risks turning cybersecurity from a visibility problem into an execution one. Researchers also flagged trust gaps around the undefined "security requirements" that gate new participants and around confidence scoring for AI-generated patches, while one analyst cautioned that broadening access beyond a small, vetted group heightens leak exposure for a model that has already had two reported leaks.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fdecrypt.co%2F369781%2Fmicrosoft-scout-openclaw-enterprise-ai-agent%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/kEF2kqEzvwLwexQqukg5o27UxFYmQ7g-P4SYZeTydp0=452">
<span>
<strong>Microsoft Turns OpenClaw Into an Enterprise AI Agent With Scout (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
At its Build 2026 conference, Microsoft announced the release of Scout, which it dubs its first “Autopilot” agent. Scout is built on top of OpenClaw and will be part of Microsoft 365, bringing OpenClaw to a mainstream and enterprise audience. Scout is available in private preview and requires an Intune policy configuration, an opt-in attestation, and a GitHub Copilot license.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FFGhjsH/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/BoGwVNxEmzOp1xjhbigaH1ZVcS4iMW_wAU6skG5XHUc=452">
<span>
<strong>Microsoft's Coreutils project brings Linux commands to Windows (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft announced Coreutils for Windows at Build 2026, a WinGet-installable package built on the Rust-based uutils project that ships Linux utilities like cat, cp, find, grep, ls, and rm as a single coreutils.exe binary fronted by NTFS hardlinks, while omitting POSIX-dependent commands such as chmod, chown, kill, and whoami.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthenextweb.com%2Fnews%2Fgithub-dev-vscode-oauth-token-theft%3Futm_source=tldrinfosec/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/1nqADYF5OQop5MV35ZR52E0IIJezHbmFWGcgreUviUc=452">
<span>
<strong>GitHub.dev flaw lets attackers steal OAuth tokens in one click (8 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researcher Ammar Askar demonstrated that a malicious GitHub.dev link with a booby-trapped Jupyter notebook can silently exfiltrate OAuth tokens, bypass trust prompts, enumerate private repositories, and exploit the absence of CSRF tokens.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FUKXCNf/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/b49VCMIKFFdQhlwaz9XJd8DsehQ-5RpZHAODH9i6QKw=452">
<span>
<strong>Microsoft Tries to Calm Legal Threat Fears After Zero-Day Disclosure Backlash (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
After researcher Nightmare Eclipse dumped PoCs for several unpatched Microsoft flaws (RedSun CVE-2026-41091, UnDefend CVE-2026-45498, BlueHammer CVE-2026-33825, YellowKey CVE-2026-45585, plus GreenPlasma and MiniPlasma) following a soured disclosure dispute, Microsoft's May 27 reference to its Digital Crimes Unit sparked backlash read as a legal threat, prompting a June 1 clarification that it will not pursue action against legitimate security research.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/P319LhsDjg_i4f6uZf5G4a1zxw01LMgr7f2P6KkFisA=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/Dt64qcRFazDjQmRLBB18flNOcqYa946MnHXzis4pMCo=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019e92bf456c-201a20f6-bd12-4306-b017-9e23a93ab50f-000000/ZqgCXh8DYc8v6XOu01v-rMm8_U7WTCkgc8xmFeSfqq0=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>