Ciphers Security Articles by: Team Ciphers Security
Hugging Face and ClawHub Abused in Active Malware Distribution Campaign
News

Hugging Face and ClawHub Abused in Active Malware Distribution Campaign

Threat actors abuse Hugging Face and ClawHub with social engineering to deliver AMOS stealer and credential-theft malware targeting AI developers.

Read More
Unsafe Deserialization in Machine Learning: CVE-2026-25874, Pickle, and the Full AI Framework Attack Surface
Blog

Unsafe Deserialization in Machine Learning: CVE-2026-25874, Pickle, and the Full AI Framework Attack Surface

CVE-2026-25874 gives unauthenticated RCE in LeRobot (CVSS 9.8). Learn how unsafe deserialization in machine learning frameworks creates systemic risk.

Read More
Claude Mythos Has Found 271 Zero-Days in Firefox
News

Claude Mythos Has Found 271 Zero-Days in Firefox

That’s a lot . No, it’s an extraordinary number: Since February, the Firefox team has been working around the clock using frontier AI

Read More
Former Incident Responders Get 4 Years for BlackCat Ransomware Attacks
News

Former Incident Responders Get 4 Years for BlackCat Ransomware Attacks

Ryan Goldberg (Sygnia) and Kevin Martin (DigitalMint) sentenced to 4 years each for deploying BlackCat/ALPHV ransomware against US victims in 2023.

Read More
Anthropic Launches Claude Security to Combat the AI-Driven Exploit Surge
News

Anthropic Launches Claude Security to Combat the AI-Driven Exploit Surge

Anthropic's Claude Security initiative uses Claude Mythos Preview to help defenders find and patch vulnerabilities faster than AI-equipped attackers can exploit them.

Read More
AI Industrializes Cybercrime as Mean Time-to-Exploit Hits Negative Seven Days
News

AI Industrializes Cybercrime as Mean Time-to-Exploit Hits Negative Seven Days

Mandiant M-Trends 2026 and IBM X-Force data confirm AI has industrialized cybercrime — exploitation routinely precedes patching and 80% of ransomware now uses

Read More
EtherRAT Targets Enterprise Admins via 44 GitHub Facades and Ethereum Blockchain C2
News

EtherRAT Targets Enterprise Admins via 44 GitHub Facades and Ethereum Blockchain C2

EtherRAT deploys 44 spoofed GitHub repos to target enterprise admins with a blockchain-powered JavaScript RAT. Active since December 2025.

Read More
Vidar Stealer Detection 2026: YARA Rules, C2 Signatures, and Post-Compromise Credential Checklist
Blog

Vidar Stealer Detection 2026: YARA Rules, C2 Signatures, and Post-Compromise Credential Checklist

Vidar Stealer 2.0 detection guide: current YARA rules, Dead Drop Resolver C2 signatures, and post-compromise credential checklist for security teams.

Read More
BlueNoroff Fake Zoom Malware: IOCs, Attack Chain, and Defenses for Crypto Teams
Blog

BlueNoroff Fake Zoom Malware: IOCs, Attack Chain, and Defenses for Crypto Teams

BlueNoroff is using AI deepfakes in fake Zoom calls to deliver macOS malware to crypto executives. Learn the IOCs, attack chain, and detection

Read More
EnOcean SmartServer CVE-2026-20761 Opens Buildings to Remote Takeover
News

EnOcean SmartServer CVE-2026-20761 Opens Buildings to Remote Takeover

Claroty Team82 found two chained flaws in EnOcean SmartServer IoT — an ASLR bypass and RCE via IP-852 — exposing building automation networks

Read More