Reports
AI-generated structured vendor updates
Palo Alto Networks PAN-OS Vulnerabilities: Buffer Overflow and Active Exploitation
Palo Alto Networks disclosed 13 PAN-OS vulnerabilities, with the most critical being CVE-2026-0288 (CVSS 9.2), a buffer overflow in User-ID TSA allowing unauthenticated RCE. CVE-2026-0257, an authentication bypass in GlobalProtect, is actively exploited in the wild.
Active Exploitation of CVE-2026-0257: GlobalProtect VPN Authentication Bypass Threatens Enterprise Networks
Palo Alto Networks confirms active exploitation of CVE-2026-0257 in GlobalProtect VPN. Attackers exploit shared certificates between HTTPS and authentication override to forge cookies, impersonating admins. CISA added to KEV. Urgent upgrade or dedicated cookie encryption certificate recommended.
Palo Alto Acquires Portkey: The Battle for AI Agent Security Control Plane Begins
Palo Alto Networks acquires Portkey, an AI Gateway pioneer, integrating it into Prisma AIRS. Portkey provides a centralized control plane for managing and securing autonomous AI agents, processing trillions of tokens monthly. This signals a fundamental shift from perimeter defense to an AI transaction-level control plane.
Cloudflare One Stack: AI Agent Skills to Automate SASE Migration, Targeting Zscaler Lock-in
Cloudflare launches the Cloudflare One Stack, a set of skill files for AI agents to automate Zero Trust deployment and migration, with built-in logic for migrating from Zscaler and Palo Alto Networks. It integrates with the MCP server for live API access, aiming to slash switching costs and accelerate defection from rival SASE platforms.
Palo Alto GlobalProtect VPN 0-Day Under Active Exploit: Gateway RCE Exposes Remote Access Risks
A critical unauthenticated remote code execution vulnerability in Palo Alto Networks GlobalProtect VPN is under active exploitation. This flaw directly compromises the VPN gateway, a key enterprise remote access component, exposing networks to potential takeover. Urgent patching and log review are mandated for all affected organizations.
PANW Acquires IBM QRadar SaaS: SIEM Ecosystem Consolidates, Cortex Platform Locks In Enterprises
Palo Alto Networks acquires IBM's QRadar SaaS security operations assets, aiming to migrate customers to Cortex XSIAM. IBM Consulting will assist deployments, and PANW becomes IBM's internal security standard. The SIEM market now sees Splunk under Cisco, QRadar under PANW, squeezing independent vendors.
Palo Alto Networks Acquires IBM QRadar SaaS: Forcing SIEM Ecosystem Shift to AI-Native XSIAM
Palo Alto Networks acquires IBM QRadar SaaS assets to migrate legacy SIEM customers to its Cortex XSIAM AI-native security platform. IBM exits security products, pivoting to consulting and managed services. The move accelerates SIEM market consolidation, squeezing standalone SIEM vendors like SentinelOne and challenging CrowdStrike's differentiation.
Zscaler's AI-Guardian Shifts Zero Trust Control Plane to Non-Human AI Identities
Zscaler launches Project AI-Guardian with six GSIs to extend Zero Trust to AI agents, introducing AI Protect suite. The core shift treats non-human identities as first-class security principals, enabling granular access control and continuous red-teaming for AI agent ecosystems.
Cloudflare Tests Anthropic Claude Mythos: 90x Boost in AI-Driven Vulnerability Discovery Reshapes Security
Cloudflare revealed using Anthropic Claude Mythos Preview (Project Glasswing) to test its codebase, discovering high-severity vulnerabilities including API key theft and unauthorized access. The model produced 90x more exploitable vulnerability reports than traditional methods, with reproduction steps and evidence, significantly reducing validation difficulty. This pushes AI security from defense to proactive vulnerability discovery.
Palo Alto Networks Idira: Democratizing Privilege Control, AI Agent Identity as New Control Plane
Palo Alto Networks launches Idira, an identity security platform built on CyberArk PAM, extending privileged access control to every human, machine, and AI agent identity. Core features include Zero Standing Privilege (ZSP), JIT permissions, and an AI engine for automatically discovering hidden entitlements and recommending least privilege. Idira becomes PANW's third core platform alongside Strata and Cortex.
Google Cloud Shifts Control Plane to Application-Centric Management with New Hub
Google Cloud launches Application Design Center, App Hub/App Topology, and Cloud Hub, making the 'Application' the central management unit. With opinionated compliance templates, auto-generated Terraform, and Gemini Cloud Assist integration, it delivers AI-driven governance across the lifecycle, shifting the control plane from infrastructure resources to application semantics.
In-depth Analysis of CISA Agentic AI Security Guidelines
CISA released the world's first Agentic AI security deployment guidelines on May 1, 2026, marking a critical transition from theoretical discussions to mandatory compliance requirements.
Palo Alto Cortex Cloud 2.0: AI Autonomous Security Workforce Leads Paradigm Shift
Palo Alto Networks released Cortex Cloud 2.0 featuring AI agent workforces AgentiX in cloud security operations. AI agents trained on 1.2 billion real-world responses autonomously investigate and resolve complex security issues reducing cloud risk remediation from days to minutes.
Palo Alto Cortex Cloud 2.0: AI Autonomous Security Workforce Leads Cloud Security Paradigm Shift
Palo Alto Networks released Cortex Cloud 2.0, featuring AI agent workforces (AgentiX) in cloud security operations. AI agents trained on 1.2 billion real-world responses autonomously investigate and resolve complex security issues, reducing cloud risk remediation from days to minutes. The redesigned Cloud Command Center unifies multi-cloud visualization, while the ASPM module shifts security remediation left to the development stage, 10x faster than production remediation.
Cloudflare GA Post-Quantum IPsec: Hybrid ML-KEM Standard Defeats QKD, Proprietary Suites
Cloudflare announces GA of post-quantum encryption for its IPsec product, implementing hybrid **ML-KEM (FIPS 203)** per **draft-ietf-ipsecme-ikev2-mlkem**. It achieves interoperability with **Cisco IOS XE** and **Fortinet FortiOS 7.6.6+** without special hardware. This extends post-quantum security to site-to-site WAN and explicitly rejects the **QKD** approach.
Palo Alto Acquires Portkey: Capturing AI Agent Security Control Plane
The Portkey acquisition represents Palo Alto's latest move in 'platform consolidation' strategy. Unlike CrowdStrike's 'best-of-breed' approach, Palo Alto is continuously acquiring to complete its AI security capability matrix. Post-acquisition, Palo Alto will possess a complete platform covering network, cloud, endpoint, security operations, and AI security.
Google Cloud Next '26: Agent Gateway Seizes Control Plane, TPU 8i Locks Inference
Google Cloud Next '26 announces 8th-gen TPUs (8t for training, 8i for inference), Agent Platform with Agent Gateway, Agent Identity, Agent-to-Agent Orchestration, Agentic Data Cloud, and Agentic Defense integrating Wiz. The move shifts control from infrastructure to agent orchestration, locking enterprises into a vertically integrated stack.
Palo Alto Deepens Google Cloud Partnership
Palo Alto deepens Google Cloud partnership with $2.4B Marketplace bookings.
Palo Alto Scaling AI Agents Framework
Palo Alto releases Scaling AI Agents with Confidence framework for enterprise AI scale deployment security.
Palo Alto Scaling AI Agents Framework: Enterprise AI Deployment Guide
Palo Alto releases Scaling AI Agents with Confidence framework providing security guidance for enterprise AI scale deployment. Framework addresses three major challenges: Shadow AI detection, non-human identity governance, security-speed tradeoffs. Provides three-layer architecture: integrated ecosystem + joint engineering + proven scale. Includes four-step security maturity path: discovery-evaluation, protection-monitoring, governance-optimization.