Ciphers Security Articles by: Team Ciphers Security
PCPJack Cloud Worm Evicts TeamPCP and Steals 40+ Credential Types at Scale
News

PCPJack Cloud Worm Evicts TeamPCP and Steals 40+ Credential Types at Scale

PCPJack worm exploits 5 CVEs to compromise Docker, Kubernetes, and Next.js environments, stealing cloud credentials from 40+ services while evicting TeamPCP.

Read More
LLMs Used in OT Cyberattack Against Mexican Water Utility, Dragos Warns
News

LLMs Used in OT Cyberattack Against Mexican Water Utility, Dragos Warns

Dragos reports that Claude and GPT were used to plan and execute a cyberattack on a Mexican water facility's OT systems. AI independently

Read More
Daemon Tools Lite 12.5.1 Trojanized With Quic RAT in Build Pipeline Attack
News

Daemon Tools Lite 12.5.1 Trojanized With Quic RAT in Build Pipeline Attack

Daemon Tools Lite 12.5.1 was compromised between April 8 and May 5, 2026, delivering Quic RAT to thousands of systems across 100+ countries.

Read More
cPanel and WHM Patch Three Vulnerabilities Including RCE and Privilege Escalation
News

cPanel and WHM Patch Three Vulnerabilities Including RCE and Privilege Escalation

cPanel and WHM patch CVE-2026-29202 (CVSS 8.8 RCE), CVE-2026-29203 (CVSS 8.8 privilege escalation), and CVE-2026-29201 affecting 44,000+ servers. Update now.

Read More
ShinyHunters Defaces 330 Canvas Portals in Instructure Extortion Escalation
News

ShinyHunters Defaces 330 Canvas Portals in Instructure Extortion Escalation

ShinyHunters defaced Canvas login portals at 330 colleges and universities on May 7, 2026, escalating their Instructure extortion campaign with a May 12

Read More
CVE-2026-0300: Palo Alto PAN-OS Zero-Day RCE Exploited, No Patch Until May 13
News

CVE-2026-0300: Palo Alto PAN-OS Zero-Day RCE Exploited, No Patch Until May 13

CVE-2026-0300 is a critical buffer overflow in Palo Alto PAN-OS enabling unauthenticated root-level RCE on internet-exposed firewalls. CISA KEV confirmed. No patch until

Read More
Port Scanning Techniques: Nmap, Zenmap, and Scanning Through Firewalls
Blog

Port Scanning Techniques: Nmap, Zenmap, and Scanning Through Firewalls

Master every port scanning technique in Nmap: SYN, NULL, FIN, Xmas, Idle scans, firewall evasion, Zenmap, Masscan, and RustScan for red team recon.

Read More
Oracle Monthly Critical Security Patch Updates (CSPU) Guide: Runbook Changes and Verification Automation
Blog

Oracle Monthly Critical Security Patch Updates (CSPU) Guide: Runbook Changes and Verification Automation

Oracle's monthly critical security patch update (CSPU) starts May 28, 2026. Update your runbook and automate OPatch verification for critical Oracle patches.

Read More
Google Chrome Downloads 4GB Gemini Nano AI to Your Device Without Asking
News

Google Chrome Downloads 4GB Gemini Nano AI to Your Device Without Asking

Google Chrome silently writes a 4GB Gemini Nano AI model to user devices without consent, reinstalls it if deleted, and may violate EU

Read More
CVE-2026-6973: Ivanti EPMM Zero-Day Under Active Exploitation — Patch by May 10
News

CVE-2026-6973: Ivanti EPMM Zero-Day Under Active Exploitation — Patch by May 10

CISA added CVE-2026-6973, an Ivanti EPMM RCE zero-day, to its KEV catalog. Federal agencies must patch to versions 12.6.1.1/12.7.0.1/12.8.0.1 by May 10, 2026.

Read More