Reports
AI-generated structured vendor updates
BadHost CVE-2026-48710: Starlette Auth Bypass Exposes AI Agent Infrastructure to HTTP Smuggling
BadHost (CVE-2026-48710) exploits Starlette's inconsistent URL reconstruction via Host header injection, bypassing path-based auth. Affecting 400K+ repos including FastAPI, vLLM, and MCP Server, it exposes AI Agent infrastructure to data theft and potential RCE, forcing a security paradigm shift in HTTP parsing.
In-depth Analysis of CISA Agentic AI Security Guidelines
CISA released the world's first Agentic AI security deployment guidelines on May 1, 2026, marking a critical transition from theoretical discussions to mandatory compliance requirements.
Zscaler Wins Google Cloud Security Partner of the Year; ThreatLabz Report Reveals Enterprise AI Security Risks
Zscaler wins Google Cloud Security Partner of the Year; ThreatLabz report reveals three risk tiers: Shadow AI proliferation, DLP data leakage, and Agentic AI new attack surfaces.
Cisco RSA 2026: Three-Pillar Security Framework for Agentic Workforce
At RSA Conference 2026, Cisco unveiled a three-pillar security framework for agentic workforce: 1) Zero Trust for AI Agents - Duo IAM integration with MCP policies for verified agent identities; 2) AI Defense Explorer Edition - Dynamic red teaming tool supporting prompt injection and jailbreak simulations; 3) Splunk SOC enhancements - Exposure Analytics, Detection Studio, Agentic SOC Expansion with specialized agents like Detection Builder and Triage Agent. Also launched DefenseClaw security framework and LLM Security Leaderboard.
Cisco Launches Agentic AI Zero Trust with Identity and Behavior Monitoring
Cisco extends its zero trust architecture with a security solution for AI agents, featuring agent discovery and identity management, granular access control, and real-time behavior monitoring, using identity-aware and semantic analysis for non-human entity security.
Vonage Wins Juniper Research Awards for Communication APIs and Mobile Identity
Ericsson's Vonage received two awards from Juniper Research for 'Best Network API Platform' and 'Best Mobile Identity Solution', recognizing its innovation in programmable communications and secure authentication. The awards reinforce Vonage's market position in CPaaS but do not involve new technical or architectural developments.
CrowdStrike Launches Phishing-Resistant MFA for Identity Platform
CrowdStrike introduces FalconID with FIDO2/WebAuthn standards for phishing-resistant MFA, integrated with Falcon platform for contextual risk analysis. This represents strategic expansion from endpoint to identity protection.
OpenAI and Anthropic Mandate Identity Verification: End of Anonymous AI Era
OpenAI and Anthropic simultaneously enforce identity verification (ID upload, 3D liveness detection). This marks the end of anonymous AI usage, shifting AI from a chat tool to a authenticated agent capable of real-world actions, setting a new industry-wide user access standard.