New MuddyWater Campaign Hits Israeli Targets
The victims in Israel span multiple industries, including technology, engineering, manufacturing, local government, and education.
Author Bio
Dennis Fisher
Editor
Dennis Fisher is an award-winning journalist and author. He is one of the co-founders of Decipher and Threatpost and has been writing about cybersecurity since 2000. Dennis enjoys finding the stories behind the headlines and digging into the motivations and thinking of both defenders and attackers. He is the author of 2.5 novels and once met Shaq. Contact: dennis at decipher.sc.
Featured Articles
New Shai Hulud NPM Worm Emerges
Researchers from Wiz are currently tracking more than 25,000 affected repositories across approximately 350 unique users.
DoJ Sanctions, the SEC Abandons the SolarWinds Action, and the FCC Reverses Course on Telecom Security
It’s an acronym-filled, government-only bonanza this week! We discuss the DoJ sanctioning Russian bulletproof hosting provider Media Land (0:53), the SEC dropping its enforcement action against SolarWinds and its CISO (13:25), and the FCC reversing course on a longstanding security rule for telecom providers (26:00).
Rich Mogull on the Cloudflare Outage, Resilience, and Single Points of Failure
Dennis is joined by Rich Mogull, chief analyst at the Cloud Security Alliance, cloud security trainer, and all around good guy to talk about the Cloudflare outage, why the internet is now just six companies, and what, if anything, organizations can do to improve their resilience in the current environment.
Fortinet CVE-2025-64446 Under Active Attack
That vulnerability (CVE-2025-64446) affects several versions of FortiWeb and CISA has added it to its Known Exploited Vulnerabilities catalog.
Lighthouse Phishing Kit Takedown, Zero Day Mysteries, and Measuring Cyber Attack Costs
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]