Security Without Fear

AI

Mister Decipher’s Neighborhood

It’s a beautiful day in the neighborhood for hacking! Come along on a magical adventure as Mr. Decipher teaches you about the dangers of brute-force attacks!

By Dennis Fisher

March 9, 2026 | 1 min read

Read more
Google

Google: Commercial Surveillance Vendors Dominated Zero-Day Exploitation in 2025

Out of 42 unique zero days tracked by Google in 2025, 18 were attributed to CSVs, while 15 were linked to state-sponsored espionage groups.

By Decipher

March 9, 2026 | 3 min read

Read more
Malware

Microsoft, Europol Disrupt Tycoon 2FA Phishing Service

The comprehensive effort, which involved seizing 330 active domains, cuts off a critical pipeline for account takeovers that targeted over 500,000 organizations and sent tens of millions of fraudulent emails monthly.

By Dennis Fisher

March 4, 2026 | 3 min read

Read more

Mister Decipher’s Neighborhood

March 9, 2026 | 1 min read

Google: Commercial Surveillance Vendors Dominated Zero-Day Exploitation in 2025

March 9, 2026 | 3 min read

Microsoft, Europol Disrupt Tycoon 2FA Phishing Service

March 4, 2026 | 3 min read

Playlist

The Zero Day Landscape, Tycoon 2FA Disruption, and KEVology

March 6, 2026 | 1 min read

CISA Google Microsoft Podcast

We Need to Talk About KEV With Tod Beardsley

March 2, 2026 | 1 min read

Video Vulnerability

Cisco SD-WAN Zero Day, Google Disrupts Chinese Campaign, and More Cyber on The Pitt

February 27, 2026 | 1 min read

Podcast Ransomware

China Targets Dell Flaw, New Ivanti Exploitation, and Cyber Shenanigans on The Pitt!

February 20, 2026 | 1 min read

Hackers Podcast Vulnerability

Topics

General

Intrusions

Law Enforcement

The Latest

Google: Commercial Surveillance Vendors Dominated Zero-Day Exploitation in 2025

Decipher

March 5, 2026

Out of 42 unique zero days tracked by Google in 2025, 18 were attributed to CSVs, while 15 were linked to state-sponsored espionage groups.

Microsoft, Europol Disrupt Tycoon 2FA Phishing Service

Dennis Fisher

March 4, 2026

The comprehensive effort, which involved seizing 330 active domains, cuts off a critical pipeline for account takeovers that targeted over 500,000 organizations and sent tens of millions of fraudulent emails monthly.

Q&A: Tod Beardsley on How to Use CISA’s KEV Catalog

Dennis Fisher

March 3, 2026

Without context, the KEV catalog is just a very large collection of data. Tod Beardsley is the former CISA KEV section chief, and he recently released a paper called KEVology that provides key context and evaluates the value of certain enrichment signals.

Cisco, NSA Warn of Attacks Targeting Catalyst SD-WAN Zero Day

Dennis Fisher

February 26, 2026

Cisco released software updates on Feb. 25 to fix the vulnerability, which affects both on-premises and cloud deployments of the Catalyst SD-WAN Controller.

Microsoft Uncovers New Malicious Campaign Targeting Developers

Dennis Fisher

February 25, 2026

This campaign is an offshoot of the more familiar and pervasive fake job interview and phony tech worker scams that have been coming from North Korea for several years.

Google Disrupts ‘Prolific, Elusive’ China-Linked Actor

Decipher

February 25, 2026

Google said it has found 53 victims that have been impacted by the group, which it has tracked since 2017.