Reported details of the phishing attack that obtained John Podesta's password.

The article ends with claims about Russian cracking groups, but I can't tell from this article whether those claims are credible.

Craig Murray says that the Democratic Party emails came from a whistleblower, not from a cracker, and that he knows the whistleblower.

I trust Craig Murray, but I am not sure which of the conflicting stories is true.