Reports
AI-generated structured vendor updates
FortiGate Firewalls Breached: 430K Devices Targeted with VPN Credential Sniffing
Attackers compromised approximately 430,000 FortiGate firewalls worldwide, deploying custom sniffers to intercept VPN credentials. The operation is linked to INC Ransom and Lynx ransomware groups, highlighting a new attack surface on edge devices that bypasses traditional EDR/SIEM.
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
GhostApproval Vuln Exposes Systemic AI Coding Tool Flaw: Symlink Bypass in Human Review
Wiz Research discloses GhostApproval vulnerability affecting six major AI coding tools (Claude Code, Codex, Cursor, Amazon Q, Antigravity). Attackers use symlinks to bypass human review, achieving persistent remote access. The flaw reveals fundamental UI-level security gaps in Human-in-the-Loop mechanisms as agent permissions expand, requiring a redesign of confirmation workflows.
Google Cloud Launches Blackwell GPU Confidential VM & Open-Source Prompt Encryption SDK, Redefining AI Security
Google Cloud upgrades its confidential computing portfolio with Blackwell GPU-based confidential VMs (Confidential G4 VMs preview), open-source Prompt Encryption SDK, and enhanced Confidential Space featuring Intel Trust Authority and Hopper GPU support, addressing TEE vulnerability CVE-2026-33697 to bolster AI inference and cross-organization training security.
Critical Relay Attack Found in Attestation TLS Protocol: Both Intel TDX and AMD SEV-SNP Affected
A critical architecture flaw in the attestation TLS protocol, enabling relay attacks, has been discovered affecting both Intel TDX and AMD SEV-SNP platforms. With a CVSS score of 7.5, it surpasses recent high-profile confidential computing vulnerabilities. No official patch is currently available.
Active Exploitation of CVE-2026-0257: GlobalProtect VPN Authentication Bypass Threatens Enterprise Networks
Palo Alto Networks confirms active exploitation of CVE-2026-0257 in GlobalProtect VPN. Attackers exploit shared certificates between HTTPS and authentication override to forge cookies, impersonating admins. CISA added to KEV. Urgent upgrade or dedicated cookie encryption certificate recommended.
Anthropic Launches Sonnet 5: 40% Cost for Near-Opus Performance, Reshaping AI Inference Economics
Anthropic launches Claude Sonnet 5, a mid-range flagship model priced at 40% of Opus 4.8. It scores 63.2% on SWE-bench Pro, approaching Opus's 69.2%, and surpasses Opus on GDPval-AA v2. With native 1M token context and 48B average activated parameters, Sonnet 5 targets high-volume API revenue growth.
libssh2 CVE-2026-55200: Pre-auth RCE via Malicious Server, Attack Surface Shifts to Clients
A critical heap out-of-bounds write vulnerability (CVE-2026-55200, CVSS 9.2) in libssh2 allows a malicious SSH server to achieve pre-auth RCE on connecting clients. The flaw affects curl, Git, PHP, and many other projects statically linking the library, expanding the attack surface from servers to virtually any client application, including CI/CD, backup, and embedded systems.
Mandiant Reveals Cisco SD-WAN Manager Zero-Day: Control Plane Becomes Prime Target
Mandiant identified a zero-day (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager exploited via malicious CSV upload to escalate to root. The intrusion involved rogue peering, credential manipulation, and anti-forensic cleanup. This highlights SD-WAN centralized control planes as a new attack surface for advanced threats.
Cloudflare as Customer Zero: Layered Defense Architecture Against Frontier AI Threats
Cloudflare reveals its production defense architecture against frontier AI models, using itself as customer zero. Combines WAF Attack Score, API Shield, Bot Management, Zero Trust, and MCP Server Portal. Core insight: architecture around the vulnerability matters more than patch speed, using ML scoring and positive security models to block attack variants before they hit, and contain lateral movement after a breach.
Cisco Cloud Control and AI Agents: Centralized Control Plane with Hidden Lock-in and Performance Gaps
At Cisco Live 2026, Cisco unveiled Cloud Control, a unified management platform with AI agents, Live Protect vulnerability mitigation, PQC, and new hardware (C9550 switches, CW9177 APs). While promising operational simplicity, it deepens vendor lock-in through proprietary APIs and AI agents, while its hardware lacks high-density 400G ports and advanced RoCEv2 congestion control for AI workloads.
Check Point Agentic Exposure Validation: AI Agents Counter Autonomous Exploitation
Check Point launches Agentic Exposure Validation (AEV), using AI agents that reason like attackers. It correlates exposure data, asset context, and live threat intelligence to safely prove what is exploitable. Part of CTEM, it enables evidence-based reduction before AI-driven adversaries act.
Anthropic Claude Mythos Finds 10k Vulnerabilities: AI Security Audit Goes Production, Patch SLA Collapses to 7 Days
50 partners using Claude Mythos Preview discovered 10,000+ vulnerabilities, including 6,202 high/critical and 1,726 verified, with a CVSS 9.1 WolfSSL critical flaw (CVE-2026-5194). AI-assisted vulnerability discovery enters production, threatening traditional manual audits and legacy scanners like Nessus/Qualys, compressing enterprise patch SLAs to 7 days.
Hardcoded ASP.NET Machine Keys Enable ViewState Deserialization RCE in KnowledgeDeliver LMS
Mandiant reveals that KnowledgeDeliver LMS uses hardcoded ASP.NET machineKeys, enabling unauthenticated RCE (CVE-2026-5426). Attackers craft malicious ViewState payloads, deploy BLUEBEAM in-memory webshell, and infect visitors.
Microsoft Open-Sources RAMPART & Clarity: CI-Driven Red Teaming and Multi-AI Design Validation for Agents
Microsoft open-sources RAMPART, an agent red-teaming framework that encodes attack scenarios into repeatable CI tests, and Clarity, a structured design validation tool using multi-AI perspectives. Together they form a spec-driven AI security engineering loop, aiming to lower enterprise costs and drive standardization.
BadHost CVE-2026-48710: Starlette Auth Bypass Exposes AI Agent Infrastructure to HTTP Smuggling
BadHost (CVE-2026-48710) exploits Starlette's inconsistent URL reconstruction via Host header injection, bypassing path-based auth. Affecting 400K+ repos including FastAPI, vLLM, and MCP Server, it exposes AI Agent infrastructure to data theft and potential RCE, forcing a security paradigm shift in HTTP parsing.
Cloudflare Tests Anthropic Mythos: AI-Driven Exploit Chain Construction and Proof Generation
Cloudflare's Project Glasswing tested Anthropic's Mythos Preview, revealing its ability to automatically chain multiple low-severity bugs into exploitable PoCs with runnable code. They built a multi-stage harness to manage noise and context limits, achieving a significant leap in vulnerability discovery quality.
NVIDIA CUDA Heap Overflow Exposes GPU Cloud Isolation Flaw: Driver-Level Security Must Move to Hardware
At Pwn2Own Berlin 2026, a heap overflow in NVIDIA CUDA Toolkit's NVVM compiler (CVE-2026-12839) enabled GPU cloud cross-tenant escape. The attack chain from malicious PTX to driver compromise to host kernel breaks current driver-level isolation, forcing a fundamental security architecture re-evaluation for shared GPU AI infrastructure.
Cisco AI Orders Surge to $9B, but SD-WAN Zero-Day for Third Year Reveals Systemic Security Gap
Cisco Q3 FY2026 raises AI infra order target to $9B, yet a CVSS 10.0 authentication bypass zero-day in SD-WAN Controller (CVE-2026-20182) is exploited by the same APT for the third consecutive year. This reveals a systemic gap in Cisco's security engineering as it pivots to AI, and a fundamental flaw in SD-WAN control plane architecture.
Cisco Launches Nexus Dashboard 4.2, Enhancing Network Monitoring and Security for AI Workloads
Cisco has released Nexus Dashboard 4.2, a data center management platform update. Key enhancements include Slurm integration for AI/HPC job monitoring, LLDP-based integration with NVIDIA NICs for adaptive routing, and Live Protect for zero-downtime vulnerability mitigation using eBPF. The release aims to provide a unified, intelligent, and secure operations plane for hybrid cloud and AI infrastructure.