All topics
We are so back! After a bit of a hiatus, we’re very excited to be back with new Decipher content for you in all of the old familiar places. And also some new ones. Join Decipher editors Dennis Fisher and Lindsey O’Donnell-Welch as we start our new, independent phase, talk about what we’ve been up […]
The vulnerability (CVE-2025-7775) is a buffer overflow that can lead to remote code execution and attackers were already targeting it before the public disclosure.
CISA has issued an emergency directive regarding the recently disclosed and somewhat weird vulnerability in Microsoft Exchange hybrid deployments (CVE-2025-53786), ordering all civilian federal agencies to address the flaw by Aug. 11.
A group of attackers with ties to the Vietnamese cybercrime underground ecosystem are running a significant campaign across many different countries that is delivering the PXA Stealer malware and uses novel sideloading and anti-analysis techniques to slip past defensive measures. The campaign has targeted victims in more than 60 countries and the attackers have harvested […]
While law enforcement disruptions certainly have a positive impact, there are deep-rooted difficulties in measuring substantial long-term changes.
Microsoft has uncovered a long-running campaign by a threat group affiliated with Russian intelligence that has targeted diplomats working in Russia with a custom tool called ApolloShadow that enables the group to maintain persistence on victims’ devices as part of a cyberespionage operation. The group is known as Secret Blizzard and Microsoft’s researchers found that […]
