Decipher Security Podcast
The editors of Decipher talk with a rotating cast of security practitioners, researchers, and executives about a variety of topics in the security and privacy fields.
Decipher Security Podcast
A New Chinese APT Debuts and React2Shell Attacks Spike
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
The new year is here! And so are the attacks. The first full week of 2026 brought us new research from Cisco Talos on a China-nexus APT group called UAT-7290 that is expanding its targeting and serving as an initial access group as well as a cyber espionage team (3:02). There is also some great data from GreyNoise on the attack volume from actors trying to exploit the React2Shell vulnerability from December (8:26). The volume is holding steady at more than 300,000 sessions per day, which is...high.
Talos report: https://blog.talosintelligence.com/uat-7290/
GreyNoise report: https://www.greynoise.io/blog/cve-2025-55182-react2shell-opportunistic-exploitation-in-the-wild-what-the-greynoise-observation-grid-is-seeing-so-far