Decipher is Everyone
We’re optimists, and that’s reflected in the mission statement we coined when we first launched in 2018: Security without fear.
All topics
Articles
77 Posts
UNC6395 Expands Data Theft Campaign to Email OAuth Tokens
Google researchers discovered the new attacks and are advising all customers to treat any authentication tokens for those integrations as compromised.
US Gov Links Private Chinese Firms to Salt Typhoon Hacks
Salt Typhoon has not been observed exploiting zero-day flaws, but instead targeting known bugs in exposed network edge devices - some of which are years old.
Citrix CVE-2025-7775 Under Active Attack
The vulnerability (CVE-2025-7775) is a buffer overflow that can lead to remote code execution and attackers were already targeting it before the public disclosure.
DoJ Seizes $2.8M Linked to Zeppelin Ransomware
The DoJ raked back $2.8 million in crypto, as well as cash and a stolen vehicle, belonging to an alleged operator of the Zeppelin ransomware.
CISA, Microsoft Warn of Exchange CVE-2025-53786 Risk
CISA has issued an emergency directive regarding the recently disclosed and somewhat weird vulnerability in Microsoft Exchange hybrid deployments (CVE-2025-53786), ordering all civilian federal agencies to address the flaw by Aug. 11.