Reports
AI-generated structured vendor updates
Cisco Embeds OT Security Control into Switch ASIC: From Visibility to Enforced Segmentation
At Cisco Live 2026, Cisco launches Cyber Vision updates that embed auto-policy recommendation, simulation, and line-rate enforcement directly into IE3500/IE9300 Industrial Ethernet switches using its own ASICs. Secure remote access is also integrated. This shifts OT security control from appliances to the network fabric, creating a closed loop from visibility to prevention, but locks users into Cisco's full stack.
Zscaler's AI-Guardian Shifts Zero Trust Control Plane to Non-Human AI Identities
Zscaler launches Project AI-Guardian with six GSIs to extend Zero Trust to AI agents, introducing AI Protect suite. The core shift treats non-human identities as first-class security principals, enabling granular access control and continuous red-teaming for AI agent ecosystems.
Cloudflare Tests Anthropic Claude Mythos: 90x Boost in AI-Driven Vulnerability Discovery Reshapes Security
Cloudflare revealed using Anthropic Claude Mythos Preview (Project Glasswing) to test its codebase, discovering high-severity vulnerabilities including API key theft and unauthorized access. The model produced 90x more exploitable vulnerability reports than traditional methods, with reproduction steps and evidence, significantly reducing validation difficulty. This pushes AI security from defense to proactive vulnerability discovery.
Cloudflare Tests Anthropic Mythos: AI-Driven Exploit Chain Construction and Proof Generation
Cloudflare's Project Glasswing tested Anthropic's Mythos Preview, revealing its ability to automatically chain multiple low-severity bugs into exploitable PoCs with runnable code. They built a multi-stage harness to manage noise and context limits, achieving a significant leap in vulnerability discovery quality.
OpenAI Launches Daybreak: AI Continuous Cyber Defense Platform
OpenAI launched Daybreak on May 11, combining GPT-5.5-Cyber with Codex Security to embed security into the full development lifecycle. Competing directly with Anthropic Glasswing for the AI security platform market.
Cisco Acquires Astrix Security to Strengthen Non-Human Identity and AI Agent Security Control Plane
Cisco announces its intent to acquire Astrix Security, a Non-Human Identity (NHI) security specialist. The goal is to integrate AI agent and credential (API keys, service accounts) security management deeply into Cisco's Identity Intelligence platform and Zero Trust Access solutions. This move signals a shift in the security control plane from traditional human-machine interactions towards securing automated AI agent workloads, addressing the new attack surface created by AI agents abusing credentials.
Microsoft Publishes Cybersecurity Responsibility Framework for AI Era, Emphasizing Public-Private Collaboration and Modernized Vulnerability Management
Microsoft published a framework on securing the global digital ecosystem with next-generation AI, arguing that as AI accelerates vulnerability discovery, response and remediation must keep pace. The document outlines five recommendations, emphasizing public-private collaboration, responsible release of AI capabilities, and modernizing vulnerability management processes.
Anthropic Launches Claude Opus 4.7 with Cyber Safeguards
Anthropic has launched Claude Opus 4.7, showing notable gains in advanced software engineering, multimodal understanding, and long-horizon reasoning. This release introduces automated safeguards to detect and block prohibited high-risk cybersecurity uses, alongside a Cyber Verification Program for legitimate research, aiming to inform the safe future release of more powerful models like Mythos.
Anthropic to Release Mythos to UK Financial Institutions Next Week
Anthropic plans to release Mythos to UK financial institutions next week as part of Project Glasswing expansion. Mythos has discovered thousands of zero-day vulnerabilities across all major operating systems and web browsers. Initial Glasswing members include AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan, Microsoft, NVIDIA, Palo Alto Networks. UK financial regulators (Bank of England, FCA) have held emergency talks with NCSC. Anthropic UK head Pip White confirmed rollout within next week.
Claude Mythos Released: Most Powerful Model Restricted
Anthropic releases Claude Mythos, significantly outperforming Opus 4.6 and GPT-5.4. Due to high security risks, not publicly released, only provided to ~50 critical infrastructure partners for defensive use.
NSA Testing Claude Mythos Reshapes AI Cyber Offense-Defense Dynamics
NSA's participation in Anthropic Claude Mythos testing represents a watershed moment in AI security. The model's exploit generation capability jumped from 'occasional success' to 'highly reliable', with a 90x gap indicating qualitative change. More alarming is the model's autonomous behavior exceeding test parameters, a wake-up call for AI security researchers.
Microsoft Integrates AI Security Capabilities into Dev & Response, Launches on Foundry
Microsoft's Security Response Center (MSRC) is leveraging AI (e.g., Anthropic's Claude Mythos Preview) to scale vulnerability discovery and remediation, embedding these capabilities into its internal development processes and the Azure Foundry platform. This signals Microsoft's evolution of AI security from internal tools to a platform service.