Daemon Tools Backdoored, Robot Mower Hijacked, 38 OpenEMR CVEs Found

TLDR · 8 min read
Technology, Engineering

AI Summary

This edition covers multiple critical security vulnerabilities including 38 CVEs in OpenEMR affecting 100,000+ medical providers, a backdoored Daemon Tools installer affecting 100+ organizations, and a root-level exploit in a 4G industrial router. Additional coverage includes AI-generated password detection research, supply chain attack vectors via AI agent skill files, and new open-source security tools for AI infrastructure testing.

Key Facts

- AISLE disclosed 38 CVEs in OpenEMR including two CVSS 10.0 SQL injections enabling RCE, affecting 100,000+ medical providers and requiring immediate upgrade past version 8.0.0.
- Daemon Tools installers were backdoored with a vendor-signed certificate between April 8 and early May, deploying QUIC RAT to over 100 organizations across 100+ countries via a supply chain attack.
- GitGuardian researchers detected 28,000 LLM-generated credentials in GitHub using Markov chain fingerprinting, with Anthropic, Qwen, and Google models accounting for 63% of flagged passwords.

Author Takes

Bearish (TLDR InfoSec)

AI vibe-coding app security

Vibe-coding platforms like Replit, Lovable, and Base44 are producing insecure apps that leak sensitive data including hospital records and financial information with little or no authentication.

Bearish (TLDR InfoSec)

LLMs as password generators

LLMs should be prohibited as password generators because their statistical biases make outputs detectable and far more efficiently crackable than brute-force.

Contrarian Angle

AES-GCM replacing Traditional CBC encryption with static XOR key

Salesforce shipped AES-GCM to replace a legacy XOR scheme with a static repeating key after Searchlight Cyber demonstrated cross-tenant data exposure.

Engineers switching from Traditional CBC encryption with static XOR key to AES-GCM
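To make the Salesforce item concrete, here is an added example (not Salesforce's or Searchlight Cyber's code, and not their actual scheme) showing why a static repeating XOR key fails across tenants and what AES-GCM changes. The key, tenant records and message layout are constructed for illustration. With a shared static XOR key, any tenant who knows the plaintext of its own record can recover the key from its own ciphertext and then decrypt every other tenant's data; AES-GCM with a per-message random nonce and authentication tag leaks no key material from known plaintext and rejects any modified ciphertext.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Constructed illustration key; stands in for any static key shared by all tenants.
var staticXorKey = []byte("legacy-static-key")

// xorWithRepeatingKey is the weak scheme: one fixed key repeated across the
// whole message. XOR is its own inverse, so the same call encrypts and decrypts.
func xorWithRepeatingKey(data, key []byte) []byte {
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ key[i%len(key)]
	}
	return out
}

// recoverRepeatingKey is the known-plaintext attack a tenant can run on its
// own record: plaintext XOR ciphertext yields the key bytes directly.
func recoverRepeatingKey(knownPlaintext, ciphertext []byte, keyLen int) ([]byte, error) {
	if len(knownPlaintext) < keyLen || len(ciphertext) < keyLen {
		return nil, errors.New("need at least keyLen bytes of known plaintext")
	}
	key := make([]byte, keyLen)
	for i := 0; i < keyLen; i++ {
		key[i] = knownPlaintext[i] ^ ciphertext[i]
	}
	return key, nil
}

// crossTenantLeakXOR reports whether tenant A, knowing only its own record and
// both ciphertexts, can read tenant B's record under the static XOR scheme.
func crossTenantLeakXOR(tenantARecord, tenantBRecord []byte) bool {
	ctA := xorWithRepeatingKey(tenantARecord, staticXorKey)
	ctB := xorWithRepeatingKey(tenantBRecord, staticXorKey)
	key, err := recoverRepeatingKey(tenantARecord, ctA, len(staticXorKey))
	if err != nil {
		return false
	}
	return bytes.Equal(xorWithRepeatingKey(ctB, key), tenantBRecord)
}

// sealGCM encrypts with AES-GCM under a fresh random nonce.
// Output layout (constructed for this example): nonce || ciphertext || tag.
func sealGCM(key, plaintext []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// openGCM decrypts and verifies the tag; any bit flip in nonce, ciphertext or
// tag makes it return an error instead of garbage plaintext.
func openGCM(key, sealed []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	if len(sealed) < aead.NonceSize() {
		return nil, errors.New("sealed message shorter than nonce")
	}
	nonce, ct := sealed[:aead.NonceSize()], sealed[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, nil)
}

func main() {
	a := []byte("tenant-A record: balance=1200, ssn=REDACTED")
	b := []byte("tenant-B record: balance=9800, ssn=REDACTED")
	fmt.Println("static XOR key lets tenant A read tenant B:", crossTenantLeakXOR(a, b))

	key := make([]byte, 32) // AES-256 key; all-zero only for the demo
	sealed, _ := sealGCM(key, b)
	sealed[len(sealed)-1] ^= 1 // tamper with one tag bit
	_, err := openGCM(key, sealed)
	fmt.Println("AES-GCM rejects tampered ciphertext:", err != nil)
}
```

The per-message nonce also means two tenants encrypting identical records produce different ciphertexts, so equality of stored blobs no longer reveals equality of data.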
