Ciphers Security Articles by: Team Ciphers Security
Fast16 Malware Reverse-Engineering: State-Sponsored Computation Sabotage Analysis
Blog

Fast16 Malware Reverse-Engineering: State-Sponsored Computation Sabotage Analysis

Fast16 malware reverse-engineered: a 2005 US-attributed tool that silently corrupted scientific computation in Iran, predating Stuxnet by five years. Full IOC list.

Read More
Cisco Acquires Astrix Security to Secure AI Agents and Non-Human Identities
News

Cisco Acquires Astrix Security to Secure AI Agents and Non-Human Identities

Cisco announced intent to acquire Astrix Security for up to $400M, adding non-human identity (NHI) discovery and management for AI agents, API keys,

Read More
CVE-2026-42354: Sentry SAML SSO Flaw Enables Full Account Takeover — PoC Available
News

CVE-2026-42354: Sentry SAML SSO Flaw Enables Full Account Takeover — PoC Available

CVE-2026-42354 lets attackers impersonate any Sentry user via forged SAML assertions. Self-hosted 21.12.0–26.1.0 affected. PoC public. Patch to 26.4.1.

Read More
Four Critical Apache Polaris Vulnerabilities (CVSS 9.9) Allow Cloud Storage Credential Hijacking
News

Four Critical Apache Polaris Vulnerabilities (CVSS 9.9) Allow Cloud Storage Credential Hijacking

CVE-2026-42809, 42810, 42811, 42812 in Apache Polaris allow credential hijacking on S3 and GCS. Upgrade to 1.4.1 immediately.

Read More
CVE-2026-22679: Weaver E-cology RCE Exploited Since March — Patch Now
News

CVE-2026-22679: Weaver E-cology RCE Exploited Since March — Patch Now

CVE-2026-22679 is a CVSS 9.8 unauthenticated RCE in Weaver E-cology 10.0. Active exploitation since mid-March 2026. Public PoC available. Patch to build 20260312

Read More
Pentagon Deploys AI on Classified IL6/IL7 Networks: AWS, Google, Microsoft, OpenAI, NVIDIA, SpaceX, Reflection, Oracle
News

Pentagon Deploys AI on Classified IL6/IL7 Networks: AWS, Google, Microsoft, OpenAI, NVIDIA, SpaceX, Reflection, Oracle

The US Department of Defense has signed agreements with eight AI companies to deploy their models on classified IL6 and IL7 networks. Anthropic

Read More
Fraudsters Target Credit Unions With Structured Loan Fraud, Bypassing KBA Using Dark Web Data
News

Fraudsters Target Credit Unions With Structured Loan Fraud, Bypassing KBA Using Dark Web Data

Flare research reveals how fraudsters exploit credit union loan workflows using stolen identities and KBA bypass—no hacking required, just stolen data and process

Read More
OpenAI Launches Advanced Account Security for ChatGPT: Passkeys, Shorter Sessions, No Passwords
News

OpenAI Launches Advanced Account Security for ChatGPT: Passkeys, Shorter Sessions, No Passwords

OpenAI's new Advanced Account Security for ChatGPT requires passkeys or hardware keys, disables email/SMS recovery, and shortens login sessions. Mandatory for Trusted Access

Read More
Hacking Polymarket: Weather Sensor Tampering, Insider Trading, and the Oracle Problem
News

Hacking Polymarket: Weather Sensor Tampering, Insider Trading, and the Oracle Problem

Polymarket bettors physically tampered with a Météo France sensor to win $34K on weather bets. Separately, a trader allegedly used insider knowledge to

Read More
Pro-Russia Hacktivists Target Water, Food, and Energy OT Systems via Exposed VNC
News

Pro-Russia Hacktivists Target Water, Food, and Energy OT Systems via Exposed VNC

CISA, FBI, NSA and global partners warn that pro-Russia hacktivist groups CARR, NoName057(16), and Z-Pentest are exploiting internet-facing VNC to attack OT systems

Read More