The new year is here! And so are the attacks. The first full week of 2026 brought us new research from Cisco Talos on a China-nexus APT group called UAT-7290 that is expanding its targeting and serving as an initial access group as well as a cyber espionage team (3:02). There is also some great data from GreyNoise on the attack volume from actors trying to exploit the React2Shell vulnerability from December (8:26). The volume is holding steady at more than 300,000 sessions per day, which is.....
All content for Decipher Security Podcast is the property of Decipher and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
The new year is here! And so are the attacks. The first full week of 2026 brought us new research from Cisco Talos on a China-nexus APT group called UAT-7290 that is expanding its targeting and serving as an initial access group as well as a cyber espionage team (3:02). There is also some great data from GreyNoise on the attack volume from actors trying to exploit the React2Shell vulnerability from December (8:26). The volume is holding steady at more than 300,000 sessions per day, which is.....
React2Shell, Typhoon Attacks, and Why Our Infrastructure is So Vulnerable
Decipher Security Podcast
33 minutes
1 month ago
React2Shell, Typhoon Attacks, and Why Our Infrastructure is So Vulnerable
Dennis and Lindsey react (!) to the React2Shell vulnerability disclosure and the quick exploitation of it by Chinese threat actors, then discuss the continues intrusions into critical infrastructure by the Salt Typhoon actors and this week's congressional hearing on telecom network security. Finally, we talk about some upcoming hacker movie episodes, including Die Hard and maybe Home Alone! Support the show
Decipher Security Podcast
The new year is here! And so are the attacks. The first full week of 2026 brought us new research from Cisco Talos on a China-nexus APT group called UAT-7290 that is expanding its targeting and serving as an initial access group as well as a cyber espionage team (3:02). There is also some great data from GreyNoise on the attack volume from actors trying to exploit the React2Shell vulnerability from December (8:26). The volume is holding steady at more than 300,000 sessions per day, which is.....
