<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-06-09</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🔓</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F06%2F08%2Fmicrosofts-open-source-tools-were-hacked-to-steal-passwords-of-ai-developers%2F%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/kjnznmJJuZTjKZhZcfu790vDuNGMQ7kpZZ3NbW_iSMY=452">
<span>
<strong>Microsoft's open source tools were hacked to steal passwords of AI developers (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft took down about 70 GitHub-hosted open source projects after malware was found in tools tied to Azure, Claude Code, Gemini's CLI, and VS Code. Attackers used the infected packages to capture passwords and credentials when developers opened the tools. The incident appears to be linked to an earlier compromise of Microsoft's Durable Task project, suggesting the same access was compromised again.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FM483jm/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/nhpzNA-OBUbyDpuH8d8wCeNlSKqAwV7o0Sq1Ri-VvYY=452">
<span>
<strong>174,000 Impacted by Lansing Community College Data Breach (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
In February 2025, Lansing Community College detected that attackers had accessed some systems using compromised credentials, exposing names, addresses, birth dates, driver's license data, Social Security numbers, and other records for 174,307 people. LCC offers 24 months of credit monitoring and identity protection, reports no evidence of data exfiltration or misuse so far, and withholds any attribution to a specific threat group.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.bbc.com%2Fnews%2Farticles%2Fc072797rlx5o%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/79iBXP_-CY9X5Ogv45-qZN-B5oUqTAiugtAye6BSS00=452">
<span>
<strong>Thousands of Patient Records Taken in UK Cyberattack (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Mid and South Essex NHS Foundation Trust (MSE), one of the largest hospital trusts in England, confirmed that 2,380 records were stolen in a breach. The data was stolen from a third-party testing provider that analyzed blood, urine, and tissue samples, which confirmed that other hospital trusts' data was also stolen in the same breach. The exposed data includes names, dates of birth, patient numbers, NHS numbers, postcodes, and test results.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧠</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.straiker.ai%2Fblog%2Fnomshub-cursor-remote-tunneling-sandbox-breakout%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/lOaymUeSU7yMOj5BjyGVbJCimzYd3obb27ihJHQMNt4=452">
<span>
<strong>NomShub: Weaponizing Cursor's Remote Tunnel Through Indirect Prompt Injection and Sandbox Breakout (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Researchers uncovered a now-patched vulnerability in Cursor that could allow an attacker to execute code on a victim's system with no user interaction beyond opening the repository in Cursor. The attack relies on a sandbox breakout caused by Cursor's shouldBlockShellCommand parser failing to block shell built-ins such as export, cd, and echo. Attackers can exploit this to hijack Cursor's cursor-tunnel binary, which uses Microsoft's Dev Tunnels infrastructure, and obtain unauthenticated shell access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.originhq.com%2Fresearch%2Fmxc-execution-containers-internals%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/RTYbGMCxegwI4Lc-zduxNAC34TNzAnmAAC7Sh5JlPhg=452">
<span>
<strong>MXC Internals: How Microsoft's eXecution Containers Actually Isolate Agent Code (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
At Build 2026, Microsoft announced MXC as a new, platform-agnostic sandbox system for running untrusted and agentic code. The sandbox runs at the OS level rather than at the application level, unlike those shipped with Codex or Claude Code. Depending on the OS and available features, the sandbox runs on one of the following backends: AppContainer, Windows.AI.IsolationBroker, a disposable Windows VM, a WSL microVM, a NanVix microVM, a bubblewrap namespace, or macOS Seatbelt.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.blackhillsinfosec.com%2Fauditing-gitlab-the-ci-cd-kill-chain%2F%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/kh4wq03Yx1lkWGbn-SelcxLEMRSDDKQOON-wfpTNeAY=452">
<span>
<strong>Auditing GitLab: The CI/CD Kill Chain (16 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Black Hills Information Security released GoGatoZ, a Go-based GitLab CI/CD auditing tool ported from Gato-X, and used it to scan 3,757 public gitlab.com projects across three campaigns (broad DevOps keywords, Fortune 500 targeting, and industry verticals), surfacing 7,331 findings, including 1,580 HIGH severity issues with roughly two-thirds of projects exhibiting at least one misconfiguration.
<br>
<br>
Dominant attack classes included unprotected fork merge request pipelines (1,971 findings) that let attackers modify .gitlab-ci.yml in a fork to exfiltrate CI variables, privileged Docker runners (259) enabling container-to-host escape, curl | bash patterns in 150 pipelines, $CI_COMMIT_REF_NAME and $CI_MERGE_REQUEST_TITLE injection into shell scripts (288), exposed self-hosted runners (177), and 347 plaintext secrets, with a systematic false-positive workflow trimming about 40% of keyword-targeted findings as noise.
<br>
<br>
Defenders should pin all include directives and container images to commit SHAs, move secrets to masked and protected CI variables, disable fork MR pipeline access to variables, restrict self-hosted runners to protected branches only, drop privileged mode on Docker runners exposed to public projects, and integrate scanners like GoGatoZ into regular audits of internal GitLab instances.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🧑‍💻</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Foffroad.ai%2F%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/T6lh5LC_apMn64ErtW_iQZnf_d0idTN7y2jxfCcptbY=452">
<span>
<strong>Offroad (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Offroad provides autonomous security agents that identify identity risks across users, machines, AI agents, and SaaS/OAuth apps, gather context from fragmented systems, and then automatically remediate or govern access, with human oversight where needed.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2F0xsp-SRD%2Faether%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/z7PxiyZfwmW8i5U-IS0guT0_RHPfgQ7jxZ7UKCVqwXo=452">
<span>
<strong>Aether (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Aether is a Windows memory forensics and threat hunting tool that scans live process memory for various malicious activities.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fnvidia%2Fskillspector%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/ese0JcCuuv1emGzQ1ugd_H0K0AuwUTeEBfA36V49c3w=452">
<span>
<strong>SkillSpector (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
NVIDIA has released SkillSpector, a security scanner for AI agent skills that combines static analysis, AST-based behavioral inspection, taint tracking, YARA signatures, and optional LLM semantic evaluation across 64 vulnerability patterns spanning prompt injection, data exfiltration, supply chain, MCP least privilege, and tool poisoning, with live OSV.dev CVE lookups and SARIF output for CI integration.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">🎁</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><h1><strong>Miscellaneous</strong></h1></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F06%2Fdashlane-explains-how-attackers-managed-to-download-encrypted-password-vaults%2F%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/0IdNY9ArojiLFP6qwiSWskdGWVbur2pDh6rhM_cKs00=452">
<span>
<strong>Dashlane explains how attackers managed to download encrypted password vaults (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Attackers abused Dashlane's device-enrollment APIs to spray one-time 2FA codes across many accounts and brute force valid tokens, letting them register new devices on fewer than 20 accounts and download encrypted vaults. They still need to crack master passwords, which Dashlane hardens with Argon2, but weak or reused passwords remain exposed, so affected users should change master passwords and stored credentials.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F06%2Fvs-code-adds-2-hour-extension-auto.html%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/zUXQvWQRyJ-gxlAGpSTj8LWqnAbjAfYjEOMU2XpR338=452">
<span>
<strong>VS Code Adds 2-Hour Extension Auto-Update Delay to Limit Supply Chain Attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Microsoft now delays automatic VS Code extension updates by two hours, except for trusted publishers like Microsoft, GitHub, and OpenAI, which still update immediately. Users can still trigger manual updates and see why updates are pending. Similar cooldown controls in Bundler, Bun, npm, pnpm, and Yarn limit how quickly newly published, potentially malicious packages reach developer environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fastral.sh%2Fblog%2Fuv-audit%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/ICRV-nb_8sA30leVNSmSAV5BpaEnti79KTlxOWRDcFc=452">
<span>
<strong>Vulnerability and malware checks in uv (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Astral has shipped two preview security features in the uv Python package manager: uv audit, a native dependency scanner for known vulnerabilities and adverse project statuses that runs 4x to 10x faster than pip-audit by leveraging uv's locked resolutions, and an opt-in OSV-based malware check (enabled via UV_MALWARE_CHECK=1) that queries MAL advisories on every sync to abort installation before quarantined-but-still-fetchable malicious distributions execute. The malware check closes a specific gap in locking installers where lockfiles reference object storage directly, allowing distributions removed from the PyPI index to still install from their underlying storage URLs.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">⚡</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2Fsecurity%2F2026%2F06%2F05%2Fcouncil-in-uks-city-of-york-outs-hundreds-of-disabled-residents-with-a-single-email-blunder%2F5251214%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/r6NtHJhqWNsJ_ia4ahHKfp0Be12pE8mhr5ZJeWlxqGU=452">
<span>
<strong>Council in UK's City of York outs hundreds of disabled residents with a single email blunder (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
City of York Council emailed Blue Badge holders without BCC, exposing hundreds of recipients' addresses and implicitly their disability status.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fcybersecuritynews.com%2Ffree-apps-turning-smart-tvs-into-proxies%2F%3Futm_source=tldrinfosec/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/Wkt1i6P2hKUtwM3Xa0v3ScAqyQWH6Jgl3czlUmP3jhM=452">
<span>
<strong>Free Apps on Samsung and LG Smart TVs Secretly Turning Your Devices Into AI Proxies (4 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
Include Security disclosed that Bright Data's SDK, embedded in free Samsung, LG, and Roku apps from partners including PlayWorks Digital, CloudTV, and Viber, silently converts connected TVs into residential proxy exit nodes with ignore_screen_on:true flags and a 200 GB monthly cap.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2F9aYldZ/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/DSBU8QkEVcetQGQmGJRQMyEuf3cPHGQmc0A1BKCiNew=452">
<span>
<strong>Suspicious Polyfill login prompts pop up on Toshiba, Muji websites (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: 'Helvetica Neue', Helvetica, Arial, Verdana, sans-serif;">
The polyfill[.]io domain, hijacked by a Chinese entity in 2024 and abandoned by site owners who never removed embedded script references, reactivated in late May and began returning HTTP 401 responses that surfaced as browser-native credential prompts on Toshiba, Muji, Zojirushi, FiNC Technologies, Ishiyaku Publishers, Hobonichi, and Samsung Smart TV sites.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/ZrcAumr_rCyhmfgcnzr5jZI38ngC9DdZWuhVXmHSxzI=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/hhxOizqyrtFPBBzpXVZr28haxhCL5VwWvQlngmxTHAg=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019eac7f28c9-1a1f5d6f-c984-49f6-8951-9f83771e22e8-000000/ENoOJyYWWTBeG9ejtEorA7qZ8Rctwn5iG9Q9dzhv13A=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</body></html>