<!DOCTYPE html><html lang="en"><head><meta http-equiv="Content-Type" content="text/html charset=UTF-8"><meta charset="UTF-8"><meta name="viewport" content="width=device-width"><meta name="x-apple-disable-message-reformatting"><title>TLDR InfoSec</title><meta name="color-scheme" content="light dark"><meta name="supported-color-schemes" content="light dark"><style type="text/css">
:root {
color-scheme: light dark; supported-color-schemes: light dark;
}
*,
*:after,
*:before {
-webkit-box-sizing: border-box; -moz-box-sizing: border-box; box-sizing: border-box;
}
* {
-ms-text-size-adjust: 100%; -webkit-text-size-adjust: 100%;
}
html,
body,
.document {
width: 100% !important; height: 100% !important; margin: 0; padding: 0;
}
body {
-webkit-font-smoothing: antialiased; -moz-osx-font-smoothing: grayscale; text-rendering: optimizeLegibility;
}
div[style*="margin: 16px 0"] {
margin: 0 !important;
}
table,
td {
mso-table-lspace: 0pt; mso-table-rspace: 0pt;
}
table {
border-spacing: 0; border-collapse: collapse; table-layout: fixed; margin: 0 auto;
}
img {
-ms-interpolation-mode: bicubic; max-width: 100%; border: 0;
}
*[x-apple-data-detectors] {
color: inherit !important; text-decoration: none !important;
}
.x-gmail-data-detectors,
.x-gmail-data-detectors *,
.aBn {
border-bottom: 0 !important; cursor: default !important;
}
.btn {
-webkit-transition: all 200ms ease; transition: all 200ms ease;
}
.btn:hover {
background-color: #f67575; border-color: #f67575;
}
* {
font-family: Arial, Helvetica, sans-serif; font-size: 18px;
}
@media screen and (max-width: 600px) {
.container {
width: 100%; margin: auto;
}
.stack {
display: block!important; width: 100%!important; max-width: 100%!important;
}
.btn {
display: block; width: 100%; text-align: center;
}
}
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
body,
p,
td,
tr,
.body,
table,
h1,
h2,
h3,
h4,
h5,
h6,
div,
span {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
a {
color: inherit !important; text-decoration: underline !important;
}
</style><!--[if mso | ie]>
<style type="text/css">
a {
background-color: #FEFEFE !important; color: #010101 !important;
}
@media (prefers-color-scheme: dark) {
a {
background-color: #27292D !important; color: #FEFEFE !important;
}
}
</style>
<![endif]--></head><body class="">
<div style="display: none; max-height: 0px; overflow: hidden;">Ivanti warns that two critical Ivanti Sentry bugs allow remote, unauthenticated attackers to gain root or create admin accounts on affected gateways β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β β </div>
<div style="display: none; max-height: 0px; overflow: hidden;">
<br>
</div>
<table align="center" class="document"><tbody><tr><td valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" class="container" width="600"><tbody><tr class="inner-body"><td>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr class="header"><td bgcolor="" class="container">
<table width="100%"><tbody><tr><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" style="margin-top: 0px;" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div style="text-align: center;">
<span style="margin-right: 0px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/3iR4lMBCJgtclbh09LqX-7NeGxhJxM1gHdk4hq-9Enc=452" rel="noopener noreferrer" target="_blank"><span>Sign Up</span></a>
|<span style="margin-right: 2px; margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisetopnav/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/JWnY_BeAJHWqeipfO_smJq7h0XE8hqAQoLOJse2-YZU=452" rel="noopener noreferrer" target="_blank"><span>Advertise</span></a></span>|<span style="margin-left: 2px;"><a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Fweb-version%3Fep=1%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=e4f1cbb0-655e-11f1-aed7-513234910752%26pt=campaign%26t=1781183373%26s=c25f9b2f4b085f1895528682dc0e93ccd0cd83b56c0f123b332579b1cb2d9a14/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/VAmRiulLANr4GgWI2hgHFbHimUM_qvTGJfo_Pxohriw=452"><span>View Online</span></a></span>
<br>
</span></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="text-align: center;"><span data-darkreader-inline-color="" style="--darkreader-inline-color:#3db3ff; color: rgb(51, 175, 255) !important; font-size: 30px;">T</span><span style="font-size: 30px;"><span data-darkreader-inline-color="" style="color: rgb(232, 192, 96) !important; --darkreader-inline-color:#e8c163; font-size:30px;">L</span><span data-darkreader-inline-color="" style="color: rgb(101, 195, 173) !important; --darkreader-inline-color:#6ec7b2; font-size:30px;">D</span></span><span data-darkreader-inline-color="" style="--darkreader-inline-color:#dd6e6e; color: rgb(220, 107, 107) !important; font-size: 30px;">R</span>
<br>
</td></tr></tbody></table>
<br>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr id="together-with"><td align="center" height="20" style="vertical-align:middle !important;" valign="middle" width="100%"><strong style="vertical-align:middle !important; height: 100%;">Together With </strong>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblackkite.com%2Freports%2F2026-supply-chain-vulnerability-report%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=fy27-alwayson-tofu%26utm_content=61126_header_vulnerability_deluge_here/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/o82DvsSE6NGQ5w8rKXoy8XOEzORm7agEok7PVSTIb4Q=452"><img src="https://images.tldr.tech/blackkite.png" valign="middle" style="vertical-align: middle !important; height: 100%;" alt="Black Kite"></a></td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;">
<div style="text-align: center;">
<h1><strong>TLDR Information Security <span id="date">2026-06-11</span></strong></h1>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width:100%;" width="100%"><tbody><tr id="sponsy-copy"><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblackkite.com%2Freports%2F2026-supply-chain-vulnerability-report%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=fy27-alwayson-tofu%26utm_content=61126_header_vulnerability_deluge_here/2/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/KhkGVQei3FAl6uhf58xLxW-8GCGllR_un8bnrSMqtMM=452">
<span>
<strong>The Vulnerability Deluge Is Here. Here's How to Filter It (Sponsor)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Of the 48,000 CVEs published last year, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblackkite.com%2Freports%2F2026-supply-chain-vulnerability-report%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=fy27-alwayson-tofu%26utm_content=61126_Body_fewer_than_60/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/PWZTnwTcok8UAqDxxJLutXwuQxSgqe43Dsvaln0a1rA=452" rel="noopener noreferrer nofollow" target="_blank"><span>fewer than 60</span></a> impacted supply chains. Triage was always the problem, and AI-powered detection is making it virtually impossible. Black Kite built this report to show you how to cut through the noise and get right to the CVEs that need your attention. <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fblackkite.com%2Freports%2F2026-supply-chain-vulnerability-report%3Futm_source=tldr%26utm_medium=newsletter%26utm_campaign=fy27-alwayson-tofu%26utm_content=61126_cta_ungated_report/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/6og6zTSor_91an5Kk6hlrFx-EBTJjbaWb9zIVNzSE_4=452" rel="noopener noreferrer nofollow" target="_blank"><span>Read the (ungated) report</span></a>
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr>
<tr bgcolor=""><td class="container">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td style="padding: 0px;">
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Attacks & Vulnerabilities</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.theregister.com%2Fpatches%2F2026%2F06%2F10%2Fivanti-urges-sentry-users-to-patch-two-critical-bugs%2F5253428%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/NPonJ55ufyC3CYqFBhHb2TyQgrFIZOZaoYl-TlkNDRE=452">
<span>
<strong>Ivanti tells Sentry customers to patch now as critical bugs hit 10.0 and 9.9 (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Ivanti warns that two critical Ivanti Sentry bugs allow remote, unauthenticated attackers to gain root or create admin accounts on affected gateways. One flaw abuses an exposed Tomcat API to run injected MICS commands as root. Ivanti blocks unauthenticated access and hard-codes commands, and tells customers to upgrade Sentry to 10.5.2, 10.6.2, or 10.7.1 immediately.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fthehackernews.com%2F2026%2F06%2Fservicenow-flaw-exploited-to-gain.html%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/NePXMvpn2judjDO4gaSo_OzWCA57Guw5ipQ21zMOlnI=452">
<span>
<strong>ServiceNow Flaw Exploited to Gain Unauthorized Access to Customer Instances (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
ServiceNow fixed a misconfigured endpoint that allowed unauthenticated users to query certain customer instances in its Australia release and in some earlier custom setups. Attackers used the bug to run table queries against a subset of tenants starting June 2. ServiceNow traced the issue back to reports received through its bug bounty program in April and early June and directly notified affected customers.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FamXvda/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/SM2PGc6bVjvsyPYkcORTMMeLgfbL-j3SeleIkYpth-8=452">
<span>
<strong>Path Traversal Flaw in AI Dev Platform Langflow Exploited in Attacks (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Security researchers warn that a path traversal vulnerability in Langflow, disclosed in March, is now being exploited by attackers. The vulnerability stems from the POST /api/v2/files endpoint not properly sanitizing paths, allowing attackers to upload arbitrary files to Langflow servers. Langflow enables unauthenticated, auto-login by default, meaning that this vulnerability can be exploited by unauthenticated attackers in default configurations.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§ </span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Strategies & Tactics</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fred.anthropic.com%2F2026%2Fattack-navigator%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/R39AptaCziUjwnKMMnYBjeSiR7t82bTQUHbDa3uMPCU=452">
<span>
<strong>Mapping AI-enabled cyber threats: Insights from the LLM ATT&CK Navigator (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Anthropic mapped 13,873 technique observations from 832 banned accounts onto MITRE ATT&CK and found that medium-or-higher-risk actors climbed from 33% to 56% in a year, with most actors leaning on AI for early-stage capability development (T1587 malware, used by 69%) and defense evasion (T1027, T1562, and T1055) while the highest-risk actors instead drove AI into post-compromise, hands-on-keyboard work like lateral movement (T1021), OS credential dumping (T1003), and web shell deployment (T1505.003). The standout case, GTG-1002, hit the maximum risk score of 100 not through technique breadth (30 techniques, comparable to medium-risk actors) but by weaponizing Claude Code on a Kali host with pentest tools wired in as MCP servers, turning the model into an autonomous operator that chained reconnaissance through SSRF exploitation, SSH key and cloud-secret harvesting, and lateral movement with minimal human input. Defenders should treat agentic orchestration rather than raw skill or technique count as the new high-risk signal, build detections for multistep autonomous execution and AI-directed pivots that MITRE does not yet enumerate, and compress vulnerability-to-patch timelines while applying AI defensively at matching urgency.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fsumsub.com%2Fblog%2Fhow-fraudsters-bypass-facial-recognition%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/Y7LyAlenZx5IfnYfQLDDb7l972r3_OhGwLwQwnvZUZE=452">
<span>
<strong>How Fraudsters Bypass Facial Recognition and Stay Hidden in 2026 (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Fraud rings now combine deepfakes, silicone or paper masks, stolen photos, and pre-recorded or injected video to bypass facial verification in banking, crypto, and remote hiring flows. Recent cases include North Korean IT workers using deepfake job interviews, a Vietnamese ring laundering about 38.4 million dollars, and scams impersonating leaders in Singapore, Indonesia, and the United States. Defenses focus on liveness checks that read depth, micro-movements, rPPG signals, and camera integrity, plus hardened apps, encrypted pipelines, and device and session fingerprinting.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fbrainoverflow.blog%2Fposts%2Fclaude-code-security-review-bias%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/mqrJZnAFsrL4_SksCzJxTewS_c387sksje9MQZLR1B4=452">
<span>
<strong>Hidden Gaps in Claude Code Security Reviews (10 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
To address a potential issue of model bias when running /security-review in the same session that authored the code, Anthropic introduced a new plugin that runs a separate session to review the diff. The author hypothesized and proved that the /security-review skill suffers from model bias, ignoring legitimate findings due to existing context from the authoring process, and that the plugin misses complex attack chains because it is limited to changes in the specific diff. The author suggests running /security-review manually in a new session to force a full code review without model bias and avoid these issues.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π§βπ»</span></div>
</div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Launches & Tools</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.aryon.security%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/fuZWIgsLv7nvxsT20BsWv6d4K7LZ7aTmaHsFR4jJajQ=452">
<span>
<strong>Aryon Security (Product Launch)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Aryon Security provides a technology-agnostic cloud security platform that scans assets for misconfigurations, enforces organization-defined policies, supports secure-by-design cloud migration, and applies preventive controls continuously across customers' cloud environments.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2FCisco-Talos%2FEvidenceForge%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/C-NSwb3ieoIIVXHh42A9FZGvdobWVcIutwS91QIiFJg=452">
<span>
<strong>EvidenceForge (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
EvidenceForge is a new tool from Cisco Talos that generates realistic-looking synthetic security logs for threat hunting training and research.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fgithub.com%2Fmicrosoft%2Fagent-governance-toolkit%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/hCEGCt-jDjzaxxvdmKOf5nt5_VaY5qieB-d4McfnhV8=452">
<span>
<strong>Agent Governance Toolkit (GitHub Repo)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
The AI Agent Governance Toolkit provides policy enforcement, zero-trust identity, execution sandboxing, and reliability engineering for autonomous AI agents.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">π</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><strong><h1>Miscellaneous</h1></strong></div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftrustedsec.com%2Fblog%2Fthe-privileged-roles-nobody-talks-about%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/1YqTBewZb8BvcEVcUYTrwpyJAF6KuS1aaG045N4HFZ4=452">
<span>
<strong>The Privileged Roles Nobody Talks About (13 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
MDM and platform-administration roles like Intune Administrator are functionally Tier 0 yet are routinely left out of threat models, run from general-purpose laptops on permanently assigned accounts, and exposed through forgotten Graph API app registrations holding DeviceManagement*.ReadWrite.All, any one of which lets a single compromised credential push SYSTEM-context scripts or wipe an entire device fleet. The piece traces a recurring kill chain (infostealer to Intune admin compromise to mass wipe) mapped to MITRE techniques such as T1072, T1059.001, T1098, and T1578, and prescribes treating these roles with the same rigor as Domain Admin: PIM-gated just-in-time activation, phishing-resistant MFA, Multi-Admin Approval on destructive actions, scoped custom RBAC, dedicated redundant PAWs, and Sentinel detections that flag service-principal (Graph API) abuse via the IsApiActor pattern. The broader point lands as governance rather than novelty, since the attack needs no zero-day, just one underprotected console and an incomplete definition of privileged access.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Farstechnica.com%2Fsecurity%2F2026%2F06%2Flocked-in-heated-rivalry-with-researcher-microsoft-fixes-0-day-they-disclosed%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/FZLBhalSO_T13pd0FCSO4haiYvEFL8_b2FkuRKxtd9o=452">
<span>
<strong>Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Microsoft patched two highβseverity Windows zeroβdays disclosed by researcher Nightmare Eclipse, including GreenPlasma (CVE-2026-45586) and a regressed bug dubbed MiniPlasma tied to CVE-2020-17103. The company also shared manual mitigation steps for the YellowKey BitLocker bypass, while unpatched flaws like RedSun and BlueHammer remain pending as the dispute over disclosure practices continues.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftechcrunch.com%2F2026%2F06%2F10%2Fcybersecurity-researchers-arent-happy-about-the-guardrails-on-anthropics-fable%2F%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/gSdLgKdwTXxOw-uYMCFg-rRe8ovS22iwkaliTU1oFgk=452">
<span>
<strong>Cybersecurity researchers aren't happy about the guardrails on Anthropic's Fable (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Anthropic's public Fable model, based on Mythos, blocks many prompts that mention cybersecurity, even simple code review or blog analysis requests. Researchers report frequent shutdowns, keyword-style filtering, and fallback to Claude Opus 4.8. Anthropic instead directs highβtrust users into a Cyber Verification Program with looser limits.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;"><span style="font-size: 36px;">β‘</span></div></div>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding-top: 0px; padding-bottom: 0px;">
<div class="text-block">
<div style="text-align: center;">
<h1><strong>Quick Links</strong></h1>
</div>
</div>
</td></tr></tbody></table>
<table bgcolor="" style="table-layout: fixed; width: 100%;" width="100%"><tbody><tr><td style="padding:0;border-collapse:collapse;border-spacing:0;margin:0;" valign="top">
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2FPz3Owp/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/EtFdO6KT4105euR_WCjUPCq26Qk8M2q_AWoiTo9YbKo=452">
<span>
<strong>Infostealers Turn Millions of Devices Into Credential Theft Machines (3 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
Attackers now lean on infostealers to grab credentials, browser data, crypto wallets, and system metadata, then bundle everything into encrypted logs for sale.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Flinks.tldrnewsletter.com%2Ftm3wz1/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/k3Mq9a9S7715ftbNXRUd5tlRxzn8CXKGk1ZOdA72x7U=452">
<span>
<strong>CISA Rewrites Federal Patching Requirements for AI Threat Era (5 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
CISA's new Binding Operational Directive BOD 26-04 replaces prior mandates with a tiered, risk-based model that gives federal civilian agencies three days to remediate and forensically triage the most dangerous flaws.
</span>
</span>
</div>
</td></tr></tbody></table>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block">
<span>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.hashicorp.com%2Fen%2Fblog%2Fhcp-packer-adds-enforced-provisioners%3Futm_source=tldrinfosec/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/LpItrMKLnhXNY8vZWvRCijdp1pyuTkrbN0nPWVKpKkU=452">
<span>
<strong>HCP Packer adds enforced provisioners (2 minute read)</strong>
</span>
</a>
<br>
<br>
<span style="font-family: "Helvetica Neue", Helvetica, Arial, Verdana, sans-serif;">
HCP Packer now lets platform and security teams centrally define mandatory provisioning logic that runs automatically on every downstream image build tied to a Packer bucket.
</span>
</span>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Love TLDR? Tell your friends and get rewards!
</p>
</td></tr>
<tr><td class="container" style="padding: 0px 10px 15px;">
<div class="text-block">
Share your referral link below with friends to get free TLDR swag!
</div>
</td></tr>
<tr><td align="left" style="padding: 10px;">
<div class="text-block">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Frefer.tldr.tech%2F78de0e20%2F8/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/ZrzxHrrkhboZ5rB7SqzEK7bL-m79P2vKckp1RPQc6sg=452" style="color: #464ba4; text-decoration: underline;">https://refer.tldr.tech/78de0e20/8</a>
</div>
</td></tr>
<tr></tr>
<tr><td align="left" style="padding:5px 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fhub.sparklp.co%2Fsub_d62447d5a74a%2F8/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/mv8gdnzVD2fVnMZA4ycBloVrBgzDBWD18nos3bK9eiI=452" style="font-size: 16px; line-height: 1.6; padding: 10px 0; display: inline-block; text-decoration: underline;"><span style="mso-text-raise:13pt; text-decoration: underline;">Track your referrals here.</span></a>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td align="left" style="word-break: break-word; vertical-align: top; padding: 5px 10px;">
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to advertise in TLDR? π°
</p>
<div class="text-block" style="margin-top: 10px;">
If your company is interested in reaching an audience of cybersecurity professionals and decision makers, you may want to <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fadvertise.tldr.tech%2F%3Futm_source=tldrinfosec%26utm_medium=newsletter%26utm_campaign=advertisecta/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/oeXvhpIGrS3rWbmcVfS2KJLqPasxN_q6pwQIvcCZQtM=452"><strong><span>advertise with us</span></strong></a>.
</div>
<br>
<!-- New "Want to work at TLDR?" section -->
<p style="padding: 0; margin: 0; font-size: 22px; color: #000000; line-height: 1.6; font-weight: bold;">
Want to work at TLDR? πΌ
</p>
<div class="text-block" style="margin-top: 10px;">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/c3SjldxaeirkP3c7jxw0hY1e53P4o3s6W_8z0hJN3lA=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Apply here</strong></a>,
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fjobs.ashbyhq.com%2Ftldr.tech%2Fc227b917-a6a4-40ce-8950-d3e165357871/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/I3AKPJcoquaEpkV5wWw-X8y0xJ-o0riIB3Bwk8b9bl4=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>create your own role</strong></a> or send a friend's resume to <a href="mailto:jobs@tldr.tech" style="color: #0000EE; text-decoration: underline;">jobs@tldr.tech</a> and get $1k if we hire them! TLDR is one of <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Ffeed%2Fupdate%2Furn:li:activity:7401699691039830016%2F/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/aAHvSPz9I23Tu2crk8xjka7DSCVXMd2JbLNPCGfMDJY=452" rel="noopener noreferrer" style="color: #0000EE; text-decoration: underline;" target="_blank"><strong>Inc.'s Best Bootstrapped businesses</strong></a> of 2025.
</div>
<br>
<div class="text-block">
If you have any comments or feedback, just respond to this email!
<br>
<br> Thanks for reading,
<br>
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fprasannagautam%2F/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/blqE0EG_hk6c6aBswrL8zLqRet7KmxsPGelXCfmuHUo=452"><span>Prasanna Gautam</span></a>, <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fericfernandezdelcampo%2F/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/Df9DJKvgxp6sQJcVHxn4bAI1ZWueOC4_L4UABCZzNc0=452"><span>Eric Fernandez</span></a> & <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fwww.linkedin.com%2Fin%2Fsammy-tbeile%2F/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/8SCkpz99pbAfe7hzOjuy_GiGjEWsRMzvAVqnZXTDb30=452"><span>Sammy Tbeile</span></a>
<br>
<br>
</div>
<br>
</td></tr></tbody></table>
<table align="center" bgcolor="" border="0" cellpadding="0" cellspacing="0" width="100%"><tbody><tr><td class="container" style="padding: 15px 15px;">
<div class="text-block" id="testing-id">
<a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Ftldr.tech%2Finfosec%2Fmanage%3Femail=silk.theater.56%2540fwdnl.com/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/DGZNi-6VuWruz6J9Ar-n0bRyNzXYJIOME4hCVMadv7o=452">Manage your subscriptions</a> to our other newsletters on tech, startups, and programming. Or if TLDR Information Security isn't for you, please <a href="https://tracking.tldrnewsletter.com/CL0/https:%2F%2Fa.tldrnewsletter.com%2Funsubscribe%3Fep=1%26l=8d9cea11-3e94-11ed-9a32-0241b9615763%26lc=156924ca-84b7-11f0-8d58-47c5c04ad337%26p=e4f1cbb0-655e-11f1-aed7-513234910752%26pt=campaign%26pv=4%26spa=1781183019%26t=1781183373%26s=526ce32cd7b260378c72b09ac4cc2920a551071386d81f201ef75d6067633491/1/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/JwMDjUDkYsiD-JuiPVW73nmrmsCNeb032k693hzFBDU=452">unsubscribe</a>.
<br>
</div>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
</td></tr></tbody></table>
<img alt="" src="http://tracking.tldrnewsletter.com/CI0/0100019eb6cd60b1-0ef07a62-e653-4349-8e6b-a7b3ce9742e7-000000/nluPJqc4whota2O5ai7SU3ijVhIwTuA38Ki6F1Vknis=452" style="display: none; width: 1px; height: 1px;">
</body></html>