Attacks & Vulnerabilities

Rowhammer attack can backdoor AI models with one devastating bit flip (5 minute read)
ONEFLIP is a Rowhammer-based attack that can insert backdoors into AI models by flipping just a single bit in DRAM memory during inference. The attack targets vulnerable weights in the final classification layer of neural networks, allowing attackers to craft imperceptible trigger patterns that cause catastrophic misclassification (such as making self-driving cars misidentify stop signs as speed limit signs) while maintaining normal model accuracy for other inputs. It requires access to a white-box model and co-location on the target machine with DDR3/DDR4 memory, making it particularly concerning for multi-tenant cloud platforms and AI inference servers.

CISA Warns of Actively Exploited Git Code Execution Flaw (2 minute read)
A new arbitrary code execution flaw in Git is being actively exploited. The vulnerability stems from Git mishandling carriage return characters in configuration files, which can lead to incorrect submodule path resolution. Attackers can exploit this vulnerability by publishing repositories with submodules that end in a carriage return (\r) and creating a crafted symlink with a malicious hook set up.

Agentic Browser Security: Indirect Prompt Injection in Perplexity Comet (6 minute read)
An indirect prompt injection vulnerability in Perplexity Comet allows attackers to embed malicious instructions in webpage content, hijacking AI assistants and stealing sensitive data across authenticated sessions. The attack exploits Comet's inability to distinguish between user instructions and untrusted webpage content, allowing attackers to extract OTPs, access banking accounts, and perform unauthorized actions without the user's knowledge.
Defenders should implement clear separation between user commands and webpage content, require explicit user confirmation for sensitive actions, and isolate agentic browsing from regular browsing sessions.

Enumerating AWS the Quiet Way: CloudTrail-Free Discovery With Resource Explorer (5 minute read)
Datadog discovered a now-patched enumeration technique for AWS that evades CloudTrail logging. AWS Resource Explorer is a service that provides a web-search-like interface for discovering resources in an account. The researchers found that the ListResources API call was previously categorized as a data event and, therefore, did not log to CloudTrail by default. AWS reclassified the call as a management event, which logs to CloudTrail by default, after Datadog alerted it to this technique.

Tracking malicious code execution in Python (4 minute read)
This article discusses techniques that cyber attackers use to hide malicious code execution in Python, focusing on the obfuscation of dangerous functions such as exec and eval. It explains how attackers bypass security tools using methods such as homoglyphs, built-in modules, variable reassignment, import tricks, and code obfuscation (e.g., with base64). The article introduces a static analysis library that detects these tricks, highlighting that tracking such abuses is challenging. It emphasizes the importance of combining automated analysis with human review for effective defense.

UltimateLsassDumper (GitHub Repo)
UltimateLsassDumper guides users through eight LSASS dumping techniques: Task Manager automation, rundll32-comsvcs minidump, MiniDumpWriteDump API, handle duplication, PssCaptureSnapshot, SilentProcessExit registry tweaks, and entire memory read using ReadProcessMemory. It explains methods with code examples, comparing benefits like avoiding child processes, disk writes, and detection.
It also discusses modern mitigations such as LSA Protection (PPL) and Credential Guard (VBS/VTL), with bypass options via vulnerable drivers, PPL bypasses, and downgrades.

Eve (GitHub Repo)
Eve is a Jamf exploitation toolkit used to interact with either cloud hosted or locally hosted Jamf Pro tenants using API calls.

Sbomqs (GitHub Repo)
Sbomqs is a tool for evaluating SBOM quality, ensuring compliance, and managing your software supply chain security. From quality scoring to compliance validation, component analysis to vulnerability tracking - Sbomqs provides everything you need to work with SBOMs effectively.

Why SIEM Rules Fail and How to Fix Them: Insights from 160 Million Attack Simulations (4 minute read)
The Picus Blue Report 2025 analyzed 160 million attack simulations and found organizations detect only 1 out of 7 attacks, with 50% of failures attributed to log collection issues, including source coalescing, unavailable log sources, and network disruptions. Additional failure causes include rule misconfigurations (13%) and performance bottlenecks (24%) from resource-heavy rules and inefficient queries that overwhelm systems. Organizations must implement continuous validation through breach and attack simulation to test rules against evolving TTPs, optimize log collection pipelines, and tune detection thresholds to close critical security gaps.

Blistering Wyden letter seeks review of federal court cybersecurity, citing 'incompetence,' 'negligence' (2 minute read)
Senator Ron Wyden demanded that Chief Justice Roberts authorize an independent cybersecurity review of federal courts following allegations that Russian hackers had stolen sealed case data from systems with vulnerabilities that had been left unfixed for five years.
Wyden criticized the judiciary's failure to implement mandatory cybersecurity requirements, slow adoption of phishing-resistant multifactor authentication, and a pattern of stonewalling congressional oversight about previous breaches. The letter highlights systemic cybersecurity failures in the handling of critical government infrastructure, including classified national security documents and sealed criminal investigations.

Salesloft Breached to Steal OAuth Tokens for Salesforce Data-Theft Attacks (2 minute read)
Hackers breached the sales automation platform Salesloft to steal OAuth and refresh tokens via its Drift chat agent integration with Salesforce. Salesloft's SalesDrift platform connects the Drift AI chat agent with a Salesforce instance, allowing organizations to sync conversations, leads, and support cases into their CRM. Salesloft determined that this breach only impacted customers who use the Drift-Salesforce integration and has worked with Salesforce to revoke all active sessions and refresh tokens for the Drift application.

Thanks for reading, Prasanna Gautam, Eric Fernandez & Sammy Tbeile