Hey friends! We're doing a cool thing with our cool friends at Material Security in April. Come watch HACKERS with us in Austin and nod along at the precise technical accuracy and very normal dialogue! material.security/theater-2026

Austin hacker friends, go see this movie! You'll love it. @mattjay.com

🚨 New podcast has arrived! 🚨 🇨🇳 Chinese threat actors target Dell bug 💻 Attackers exploit Ivanti EPMM flaw ⚕️ Cyber shenanigans come to HBO's THE PITT open.spotify.com/episode/4PmS...

Start your weekend off the right way, with @rmogull.com in a storm trooper helmet, and @dennisf.bsky.social and Wade Baker laughing like fools. youtu.be/FHZC6i-co8Y?...

“Threat actors are accelerating operations, moving from initial reconnaissance to deploying dormant backdoors." @paloaltonetworks.com decipher.sc/2026/02/19/r...

“The initial access vector for these incidents was not confirmed, but UNC6201 is known to target edge appliances." @mandiant.com decipher.sc/2026/02/18/c...

The Force is strong in this one. Wade Baker and @rmogull.com join @dennisf.bsky.social to talk about the hacker themes of STAR WARS and why R2D2 is the emotional center of the movie (and a great hacker!) youtu.be/FHZC6i-co8Y?...

If you want to know how hackers think, listen to people who hack things, like Ryan Dewhurst of @labs.watchtowr.com.web.brid.gy. youtu.be/5WznmQpJnj4?...

Our next hacker movie podcast is a weird little 70s film called STAR WARS. We're recording this weekend with legendary nerds @rmogull.com and Wade Baker, two true scholars of the Lucasfilm Universe.

🚨 New podcast is out! 🚨 💻 @security.microsoft.com patches 6 actively exploited bugs 🍎 Apple patches a zero day in iOS 📺 A fun look back at the legendary CSI: Cyber episode with Charlie Miller and Chris Valasek Oh, and a preview of our next hacker movie pod! open.spotify.com/episode/2Zi8...

What advantages do defenders have and how can they emply them to stay ahead of adversaries? We chatted with Ryan Dewhurst of @labs.watchtowr.com.web.brid.gy to find out. youtu.be/5WznmQpJnj4?...

Brand new podcast episode is here to brighten up your Monday! We chatted with Ryan Dewhurst of @labs.watchtowr.com.web.brid.gy ! youtu.be/5WznmQpJnj4?...

New @silentpush.bsky.social research on a novel variant of the SystemBC 🤖 decipher.sc/2026/02/04/n...

Sometimes I post paywalled Post articles. Usually I post marketing ones, free with account creation unless you have one. Sometimes I post free archive versions, which you also can figure out how to find without me. This week is not the time to shout at me for posting a version that pays reporters.

Some very interesting data analysis from our friends at @greynoise.io on the silent changes CISA makes to the KEV catalog regarding exploitation by ransomware gangs. www.greynoise.io/blog/unmaski...

With perfect pitch, Joe Engressia Jr, aka #Joybubbles, discovered that he could whistle specific tones into a phone handset and bend the analog network to his will (If you’re noticing a similarity between Engressia and the character Whistler in Sneakers, that’s not a coincidence)

We don't write about movies often but when we do, we write about hacker movies, like JOYBUBBLES from @charmingstranger.com at @sundance.org decipher.sc/2026/02/02/p...

Google Mandiant researchers said the campaign has successfully used voice phishing and credential harvesting sites to pilfer both single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. decipher.sc/2026/02/02/g...

It's not Friday without an actively exploited bug! decipher.sc/2026/01/30/i...

🚨 New @deciphersec.bsky.social podcast is up! 🪲 New Fortinet SSO auth bypass exploitation 🪲 Attacks on old WinRAR flaw 🖥️ Google disrupts IPIDEA proxy network 📹 And shoutouts to some fave creators: @ryanaraine.bsky.social @johnhammond.bsky.social @mattjay.com open.spotify.com/episode/5k9x...

Signal will never message you like this. If you get a message like this, SOMEONE IS TRYING TO HACK YOUR SIGNAL. DO NOT GIVE THEM THAT CODE.

More Fortinet targeting. decipher.sc/2026/01/28/f...

Wow - Office security feature bypass patched OOB after active exploitation detected. Path now - CVE-2026-21509. At least the Preview Pane isn't an attack vector. msrc.microsoft.com/update-guide...

UPDATE: Fortinet has published some info on these attacks and the new path they're using. decipher.sc/2026/01/22/f...

The remote code execution flaw (CVE-2026-20045) exists in Cisco’s lineup of products for voice, video, and mobility services for endpoints and applications. decipher.sc/2026/01/22/c...

This is how you start a security advisory: "If you are tired of modern age vulnerabilities, and remember the good old times on bugtraq, I hope you will appreciate this one." www.openwall.com/lists/oss-se...

🚨 This week's podcast is up now! In this episode we break down: ✅ The RedVDS cybercrime platform takedown by @security.microsoft.com ✅ New @talosintelligence.com research on UAT-8837 Chinese APT activity ✅ The very cool StackWarp bug by @rayiizzz.bsky.social and team decipher.sc/podcasts/the...

A Chinese APT group has focused last year on compromising critical infrastructure across North America. Cisco has linked multiple intrusions to a group it tracks as UAT-8837. blog.talosintelligence.com/uat-8837/

“Microsoft tracks the threat actor who develops and operates RedVDS as Storm-2470. We have observed multiple cybercriminal actors, including Storm-0259, Storm-2227, Storm-1575, Storm-1747." decipher.sc/2026/01/14/m...

Our latest podcast is out and it's a very fun and insightful conversation with Jeremiah Grossman and Robert Hansen on vulnerability management, building a new platform from scratch at Root Evidence, and very fast cars 🏎️ youtu.be/5eSgyYSEP0s?...

Coming up tomorrow on the podcast: Jeremiah Grossman and Robert Hansen join @dennisf.bsky.social to talk about Jeremiah's car collection. Oh, and some vulnerability management stuff they're building at Root Evidence. Subscribe here: www.youtube.com/@DecipherSec

First podcast of 2026 is up! 🎙️ ✅ New Chinese APT UAT-7290 gets busy ✅ Attacks against CVE-2025-55182 React2Shell 📈 ✅ News about upcoming podcast guests (spoiler alert!) decipher.sc/podcasts/a-n...

Research from @greynoise.io shows a sustained attack volume in the 300k-400k per day range against CVE-2025-55182 React2Shell bug. decipher.sc/2026/01/07/r...

Listen to our buddies. (They actually are our buddies, which is cool, right??)

We approve of the fashion choice!

Patch, patch, patch. decipher.sc/2025/12/29/s...

Order a Little Nero's cheese pizza and enjoy! youtu.be/9lCl5Cqsh0s?...