Reports
AI-generated structured vendor updates
FortiGate Firewalls Breached: 430K Devices Targeted with VPN Credential Sniffing
Attackers compromised approximately 430,000 FortiGate firewalls worldwide, deploying custom sniffers to intercept VPN credentials. The operation is linked to INC Ransom and Lynx ransomware groups, highlighting a new attack surface on edge devices that bypasses traditional EDR/SIEM.
OpenClaw Vulnerabilities Reveal Host Execution Environment as New Attack Surface for AI Assistants
Three critical vulnerabilities (CVSS 8.8/8.4) in OpenClaw's personal AI assistant enable command injection and path traversal, leading to host RCE. This confirms the host execution environment as a new attack surface for AI assistants, blending traditional exploits with AI agent risks.
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
GhostApproval Vuln Exposes Systemic AI Coding Tool Flaw: Symlink Bypass in Human Review
Wiz Research discloses GhostApproval vulnerability affecting six major AI coding tools (Claude Code, Codex, Cursor, Amazon Q, Antigravity). Attackers use symlinks to bypass human review, achieving persistent remote access. The flaw reveals fundamental UI-level security gaps in Human-in-the-Loop mechanisms as agent permissions expand, requiring a redesign of confirmation workflows.
OpenAI Launches GPT-5.6 Series, Regulatory Compliance Becomes Prerequisite for Frontier Models
OpenAI releases GPT-5.6 series with Sol achieving 96.7% SOTA on Terminal-Bench 2.1 via Ultra mode with sub-agent parallelism. Terra matches GPT-5.5 at half price, Luna for low-cost high-concurrency. Initial access limited to 20 trusted partners, subject to US government safety review.
Google Cloud Launches Blackwell GPU Confidential VM & Open-Source Prompt Encryption SDK, Redefining AI Security
Google Cloud upgrades its confidential computing portfolio with Blackwell GPU-based confidential VMs (Confidential G4 VMs preview), open-source Prompt Encryption SDK, and enhanced Confidential Space featuring Intel Trust Authority and Hopper GPU support, addressing TEE vulnerability CVE-2026-33697 to bolster AI inference and cross-organization training security.
Critical Relay Attack Found in Attestation TLS Protocol: Both Intel TDX and AMD SEV-SNP Affected
A critical architecture flaw in the attestation TLS protocol, enabling relay attacks, has been discovered affecting both Intel TDX and AMD SEV-SNP platforms. With a CVSS score of 7.5, it surpasses recent high-profile confidential computing vulnerabilities. No official patch is currently available.
Active Exploitation of CVE-2026-0257: GlobalProtect VPN Authentication Bypass Threatens Enterprise Networks
Palo Alto Networks confirms active exploitation of CVE-2026-0257 in GlobalProtect VPN. Attackers exploit shared certificates between HTTPS and authentication override to forge cookies, impersonating admins. CISA added to KEV. Urgent upgrade or dedicated cookie encryption certificate recommended.
Anthropic Launches Sonnet 5: 40% Cost for Near-Opus Performance, Reshaping AI Inference Economics
Anthropic launches Claude Sonnet 5, a mid-range flagship model priced at 40% of Opus 4.8. It scores 63.2% on SWE-bench Pro, approaching Opus's 69.2%, and surpasses Opus on GDPval-AA v2. With native 1M token context and 48B average activated parameters, Sonnet 5 targets high-volume API revenue growth.
libssh2 CVE-2026-55200: Pre-auth RCE via Malicious Server, Attack Surface Shifts to Clients
A critical heap out-of-bounds write vulnerability (CVE-2026-55200, CVSS 9.2) in libssh2 allows a malicious SSH server to achieve pre-auth RCE on connecting clients. The flaw affects curl, Git, PHP, and many other projects statically linking the library, expanding the attack surface from servers to virtually any client application, including CI/CD, backup, and embedded systems.
Check Point Bets on GPT-5.5 Privileged Access: Security Control Shifts from Firewalls to LLM APIs
Check Point joins OpenAI's Cybersecurity Trusted Access Program, gaining privileged access to GPT-5.5 for threat analysis and incident response. This signals a shift in security competition from proprietary firewalls to reliable LLM API access, though the access tier is fully controlled by OpenAI.
Cisco Cloud Control: Control Plane Shifts from Silos to Unified AI Agent Orchestration
At Cisco Live 2026, Cisco launched Cloud Control, a unified platform for human and AI agent collaboration across network, security, compute, and observability. Key features include AI Canvas workspace, Cloud Control Studio agent builder (50+ integrations), and Live Protect runtime protection. This signals a major control plane consolidation from domain tools to a single intelligent orchestration layer.
OpenAI buys Ona: Control point shifts to persistent AI agent runtime
OpenAI acquires cloud infrastructure startup Ona to integrate its persistent execution environment into Codex, enabling AI agents to run independently for hours or days in enterprise-owned clouds. This addresses security, governance, and audit requirements, signaling OpenAI's shift from model provider to full-stack AI platform.
AMD Critical RCE Vulnerability Disclosed After 124 Days, Sparks AI Infrastructure Security Crisis
Security researcher mr.bruh publicly disclosed a critical remote code execution (RCE) vulnerability in AMD processors after 124 days without a fix, with AMD refusing a $10,000 bounty. The flaw affects AI servers running AMD EPYC and Instinct, likened to a Log4j moment for AI infrastructure, forcing enterprises to reassess chip-level security response and supply chain risk.
US Export Control Forces Anthropic Claude Fable 5 Offline, AI Regulation Enters Geopolitical Hard Constraints
Anthropic's Claude Fable 5 was taken offline after 4 days due to US export control, triggered by Amazon's security concerns. Anthropic refused to fix jailbreak vulnerabilities, leading to government intervention. Chinese Zhipu AI released open-source GLM-5.2, signaling a shift toward sovereign AI deployment.
Cisco Live 2026: AI Defense Upgrades with Policy Studio, Adaptive Red Teaming, Agent Supply Chain Security
At Cisco Live 2026, Cisco unveiled AI Defense upgrades: adaptive red teaming, Policy Studio for natural language policy, and agent supply chain security with CI/CD integration. It also launched AgenticOps autonomous network operations and native integrations with Amazon Bedrock, Google ADK, LangChain, aiming to secure multi-framework agent environments.
Anthropic Releases Zero Trust Framework for AI Agents
Anthropic releases the industry's first Zero Trust framework for AI agents, defining core principles, five agent-specific threats, and a six-capability roadmap. It shifts security focus from network perimeters to agent identity, behavior, and least agency, setting a new baseline for AI agent security.
Apple Registers genai.apple.com, Siri Standalone App and Extensions System Open Third-Party AI Gateway
Apple registers genai.apple.com before WWDC 2026, signaling generative AI as a platform pillar. Siri becomes a standalone app with personal context, on-screen understanding, and deep app actions. Powered by Google Gemini on Private Cloud Compute. Extensions system lets third-party AI (Claude, Gemini) plug in, with Apple taking a cut.
Anthropic Claude Mythos Finds 10k Vulnerabilities: AI Security Audit Goes Production, Patch SLA Collapses to 7 Days
50 partners using Claude Mythos Preview discovered 10,000+ vulnerabilities, including 6,202 high/critical and 1,726 verified, with a CVSS 9.1 WolfSSL critical flaw (CVE-2026-5194). AI-assisted vulnerability discovery enters production, threatening traditional manual audits and legacy scanners like Nessus/Qualys, compressing enterprise patch SLAs to 7 days.
Microsoft Open-Sources RAMPART & Clarity: CI-Driven Red Teaming and Multi-AI Design Validation for Agents
Microsoft open-sources RAMPART, an agent red-teaming framework that encodes attack scenarios into repeatable CI tests, and Clarity, a structured design validation tool using multi-AI perspectives. Together they form a spec-driven AI security engineering loop, aiming to lower enterprise costs and drive standardization.