Reports
AI-generated structured vendor updates
FortiGate Firewalls Breached: 430K Devices Targeted with VPN Credential Sniffing
Attackers compromised approximately 430,000 FortiGate firewalls worldwide, deploying custom sniffers to intercept VPN credentials. The operation is linked to INC Ransom and Lynx ransomware groups, highlighting a new attack surface on edge devices that bypasses traditional EDR/SIEM.
OpenClaw Vulnerabilities Reveal Host Execution Environment as New Attack Surface for AI Assistants
Three critical vulnerabilities (CVSS 8.8/8.4) in OpenClaw's personal AI assistant enable command injection and path traversal, leading to host RCE. This confirms the host execution environment as a new attack surface for AI assistants, blending traditional exploits with AI agent risks.
WhiteFiber and DriveNets Achieve 111.2 Tbps Cross-DC AI Fabric, Breaking Power Constraints
WhiteFiber announces Project Redwood, partnering with DriveNets Ethernet AI fabric (FSE, VOQ, deep buffers), WEKA storage, and NVIDIA H200 GPUs, achieving 111.2 Tbps bandwidth and 0.9ms latency over 83km dark fiber, treating two geographically separated GPU clusters as a single logical supercluster. Commercialization planned for Q3 2026.
Intel押注3D堆叠AI芯片 18A-PT+Foveros Direct 3D+EMIB-T全栈整合
...
Microsoft Takes Over OpenAI's Arctic Data Center, Seizing AI Compute Control
Microsoft leases a data center in Norway's Arctic Circle from Nscale, deploying 30,000 NVIDIA Vera Rubin GPUs, filling the gap left by OpenAI's retreat. OpenAI slashes its 2030 infrastructure budget from $140B to $60B. Microsoft surpasses OpenAI in AI compute capacity and gains geographical redundancy.
Meta Invests $9.17B in Canada AI Data Center, Iris AI Chip Mass Production Begins MTIA Roadmap
Meta announced a $9.17B AI data center in Canada with 1GW capacity, and its first in-house AI chip Iris will mass produce in September, kicking off the MTIA four-generation roadmap. Meta targets 14GW compute by 2027, using 6-month chip iterations to challenge NVIDIA's annual cadence and reduce GPU dependency.
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
Anthropic Locks 3.5GW TPU Compute with Broadcom, Signaling Shift to Custom AI ASICs
Broadcom's Q2 FY2026 filing reveals a 3.5GW TPU compute deal with Anthropic starting 2027. This marks a strategic shift from general-purpose GPUs to custom ASICs for AI workloads, with OpenAI and Meta making similar multi-GW commitments, signaling a fundamental change in AI infrastructure.
PrismML's 1-bit Compression: 27B Qwen Model Runs Fully on iPhone 17 Pro in 4GB
PrismML compressed a 27B-parameter dense LLM (Qwen 3.6) to 4GB, running fully on iPhone 17 Pro. Using native 1-bit quantization (weights as {-1, +1}), it achieves >92% compression, 8x faster inference, and 75-80% energy reduction. This challenges Apple's sparse architecture, potentially shifting edge AI from cloud-reliant to device-native.
Huawei Ascend 10K-Card Cluster Goes Live, UnifiedBus Protocol Pools All Resources
Huawei launched an Ascend 10,000-card AI cluster in Shaoguan, Guangdong, and showcased the Atlas 950 SuperPoD with its proprietary UnifiedBus interconnect supporting 8,192 NPUs at 16.3 PB/s. Huawei Cloud also entered the Gartner 2026 Cloud AI Infrastructure Leaders quadrant, reinforcing its push for a self-contained AI ecosystem.
Samsung GAIA AI PC Chip Samples with Memory-Centric NPU, Targeting 50 TOPS
Samsung launches GAIA AI PC processor with 4nm process and memory-centric NPU, integrating LPDDR5X controller with NPU for near-memory computing, achieving 40% energy efficiency improvement and 50 TOPS. Certified for Microsoft Copilot+ PC, Lenovo to adopt in Q4 2026.
AWS Sells Trainium 3 Externally, Challenging NVIDIA's AI Training Chip Dominance
AWS begins external sales of its Trainium 3 AI training chip, fabricated on TSMC 3nm process, delivering 2.52 PFLOPS per chip. Early customers include Anthropic and Uber. This move directly challenges NVIDIA's dominance and marks AWS's strategic shift from cloud provider to chip vendor.
AMD's Experimental Topological Ghost Protocol Boosts MI300X Inference 10x
AMD introduces experimental Topological Ghost Protocol (TGP) on MI300X GPUs, achieving 431 tokens/sec with 100% success in high-concurrency inference, 10x improvement over standard vLLM. TGP uses KV-cache recycling and segmented state management, still experimental but potentially redefining AI inference benchmarks.
Towards Feature Complete Triton Support in JAX-Triton â ROCm Blogs
...
OpenAI GPT-5.6发布测试
...
OpenAI Reopens with GPT-oss Models: Apache 2.0 License Hides Cloud Offload Control
OpenAI launches GPT-oss-120b and GPT-oss-20b under Apache 2.0 license, capable of running on a single 80GB GPU. However, a built-in cloud offload mechanism routes complex queries to proprietary models, masking a strategic control point shift behind the open-source facade.
Google Gemini 3.5 Pro Rebuilds from Scratch: 2M Token Context Window Reshapes AI Frontier
Google DeepMind targets July 17 for Gemini 3.5 Pro, a full architectural rewrite of its pretraining stack to overcome deficits in math reasoning, SVG generation, and image quality. Specs include a 2M token context window, Deep Think reasoning layer, and multi-step autonomous workflows, though unconfirmed by Google.
SambaNova完成11亿美元融资估值110亿美元:推理芯片新格局确立
...
GhostApproval Vuln Exposes Systemic AI Coding Tool Flaw: Symlink Bypass in Human Review
Wiz Research discloses GhostApproval vulnerability affecting six major AI coding tools (Claude Code, Codex, Cursor, Amazon Q, Antigravity). Attackers use symlinks to bypass human review, achieving persistent remote access. The flaw reveals fundamental UI-level security gaps in Human-in-the-Loop mechanisms as agent permissions expand, requiring a redesign of confirmation workflows.
CrowdStrike Capitalizes on 5x AIDR Growth to Enter Identity Security, Seizing AI Runtime Control Plane
CrowdStrike reports 5x growth in its AIDR product, expanding into identity security. AIDR monitors AI app data flows, detects prompt injection and model jailbreaks, and launches Shadow AI Discovery for Endpoint to auto-discover AI apps and LLM runtimes on endpoints. This signals a control plane shift from traditional endpoint detection to converged AI workload and identity security.