Reports
AI-generated structured vendor updates
CrowdStrike CNAPP Integrates Threat Intelligence for Risk Prioritization
CrowdStrike adds threat intelligence-based risk prioritization to CNAPP, correlating cloud risks with known adversary TTPs. Integrated with Falcon platform data, it enables security teams to prioritize vulnerabilities and misconfigurations linked to active threat actors.
Cisco Launches AI Agent Security Suite with Proactive Built-in Protection
Cisco introduced AI Defense Explorer Edition for red team testing, Agent Runtime SDK for policy embedding, open-source DefenseClaw framework, and extended zero trust to AI agents. The multi-layered approach shifts from reactive to proactive built-in security for AI agents.
Cisco Launches DefenseClaw Runtime Security Governance Layer for OpenClaw
Cisco launches open-source DefenseClaw providing runtime security governance for OpenClaw AI agents. The solution integrates scanning tools and threat detection capabilities for pre-execution scanning, runtime monitoring, and enforcement controls. It automates security governance to reduce AI agent deployment risks.
CrowdStrike Discloses GitHub Actions Supply Chain Attack
CrowdStrike's threat intelligence team exposed a supply chain attack on Trivy's GitHub Action, where hijacked accounts injected malware to steal credentials. The incident highlights critical risks in CI/CD third-party dependencies, urging enhanced security reviews and runtime monitoring of Actions.
CrowdStrike Launches Cloud-Native Containerized Platform Falcon Raptor for Critical Infrastructure Protection
CrowdStrike launched Falcon Raptor, a cloud-native containerized platform designed for air-gapped and critical systems, integrating next-gen AV, vulnerability management, and threat hunting. It supports offline updates via USB and is paired with a government-focused Falcon Nation Suite.
OpenAI Abandons Traditional SAST for AI Constraint Reasoning Verification
OpenAI Codex Security discards traditional SAST methods, adopting AI-driven constraint reasoning and verification to identify security vulnerabilities. This technology aims to significantly reduce false positives, representing deep innovation in AI-powered code security.
Cisco Embeds eBPF Runtime Protection in Switch Kernel
Cisco introduces LiveProtect, embedding eBPF and Tetragon-based runtime security into switch OS kernels. It addresses control plane security challenges with kernel-level behavior monitoring, validated in hyperscale clouds.
Cisco XDR Integrates Multi-Source Data for Precise Alert Tuning
Cisco security team integrated XDR, Splunk and Endace network telemetry to separate firewall IPS alert noise from real threats. Using Zeek log analysis to confirm benign network activities and implement suppression strategies for specific signature conditions. Demonstrates closed-loop tuning capability through multi-source data correlation.
CrowdStrike Extends XIoT Security to Healthcare with Vertical Focus
CrowdStrike tailored its Falcon for XIoT solution for healthcare environments, using a single lightweight agent for device discovery, vulnerability prioritization and behavior-based threat detection. The solution features non-disruptive deployment to avoid impacting critical medical equipment.
OpenAI Launches Codex Security Research Preview for AI-Powered Application Security
OpenAI introduces Codex Security, an AI application security agent based on Codex model, focusing on context-aware vulnerability detection and remediation. The tool aims to reduce false positives common in traditional SAST tools by understanding entire project code and environment. Currently in research preview phase for selected developer testing.
Cisco Promotes eBPF Kernel Security Architecture Through VoidLink Analysis
Cisco analyzes the VoidLink malware framework to expose security gaps in cloud-native and AI workloads, highlighting visibility limitations of traditional security solutions. The company demonstrates Hypershield's eBPF-based kernel-level runtime security for container and Kubernetes environments.
Microsoft Advocates Security Design Shift to Deception Prevention
Microsoft shifts security focus from technical combat to deception prevention, embedding security into product design phase. Uses smart design to reduce user errors with default strong settings and AI risk interception. Expands defense strategy to behavioral science and UX design.
CrowdStrike Launches Phishing-Resistant MFA for Identity Platform
CrowdStrike introduces FalconID with FIDO2/WebAuthn standards for phishing-resistant MFA, integrated with Falcon platform for contextual risk analysis. This represents strategic expansion from endpoint to identity protection.
Cisco Partners with NVIDIA and VAST on End-to-End Secure AI Data Platform Architecture
Cisco partnered with NVIDIA and VAST to deliver a deployable AI data platform reference architecture integrating compute infrastructure, data platform, and security layers. The architecture employs Cilium for K8s networking, Tetragon for runtime security, and AI Defense for application protection, enabling full lifecycle security from data to AI applications.
OpenAI and Paradigm Launch AI Benchmark for Smart Contract Security
OpenAI and crypto VC Paradigm jointly released EVMbench, a benchmark evaluating AI agents' capabilities in detecting, patching, and exploiting high-severity smart contract vulnerabilities. The benchmark comprises three key task categories to establish standardized evaluation metrics for AI in blockchain security.
OpenAI Hardens ChatGPT Atlas Against Prompt Injection
OpenAI is enhancing ChatGPT Atlas's defenses against prompt injection attacks using reinforcement learning-based automated red teaming. This proactive discover-and-patch cycle aims to identify novel vulnerabilities as AI becomes more agentic.
US Government Forces Anthropic to Shut Down Fable 5 and Mythos 5: Cross-Border AI Regulation Reshapes Industry
The US government ordered Anthropic to shut down its latest models Fable 5 and Mythos 5 over cross-border data security concerns. This event exposes the regulatory vulnerability of closed-source AI and highlights the strategic value of open-source models. Regulatory uncertainty will reshape enterprise AI selection criteria, making model portability a core evaluation dimension.
US Orders Anthropic to Globally Shutdown Fable 5 and Mythos 5: AI Export Control Escalates
On June 22, 2026, the US government ordered Anthropic to globally shut down its most advanced models, Fable 5 and Mythos 5, citing their autonomous cyberattack capability (ExploitBench 78.0%). This extends export controls from hardware to model weights, marking a new era of sovereign AI governance.
Novo Nordisk AI Model Theft: Extortion Shifts to R&D Barrier Looting, Redefining Security Perimeter
Novo Nordisk suffered a 1.3TB data breach by FulcrumSec, including full-stack weights of its Dragonfly AI model and clinical data, after a two-month lateral movement via MOVEit zero-day. AI assets become primary targets, leveling R&D barriers. Top pharma firms initiate AI security audits.
Microsoft Copilot SearchLeak: One Click Exfiltrates All Indexed Enterprise Data via LLM Prompt Injection
Varonis discovered SearchLeak (CVE-2026-42824) in Microsoft 365 Copilot Enterprise, a three-stage vulnerability chain: P2P injection, HTML rendering race condition, and SSRF via Bing to bypass CSP. Attackers embed malicious URL parameters; user clicks cause Copilot to exfiltrate sensitive data (emails, SharePoint, OneDrive) via Bing image URLs, evading traditional phishing defenses. Microsoft has released a patch.