Reports
AI-generated structured vendor updates
Mandiant Reveals Cisco SD-WAN Manager Zero-Day: Control Plane Becomes Prime Target
Mandiant identified a zero-day (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager exploited via malicious CSV upload to escalate to root. The intrusion involved rogue peering, credential manipulation, and anti-forensic cleanup. This highlights SD-WAN centralized control planes as a new attack surface for advanced threats.
NVIDIA Bets on World-Action Models: Control Shifts from VLM to Video Backbones
NVIDIA's blog introduces World-Action Models (WAMs) as a paradigm shift from VLM-based VLAs. WAMs leverage pretrained video/world-model backbones to jointly predict future states and robot actions, aiming to bridge the language-to-action grounding gap. This could redefine robot foundation model training but raises concerns about inference cost and latency.
Cloudflare as Customer Zero: Layered Defense Architecture Against Frontier AI Threats
Cloudflare reveals its production defense architecture against frontier AI models, using itself as customer zero. Combines WAF Attack Score, API Shield, Bot Management, Zero Trust, and MCP Server Portal. Core insight: architecture around the vulnerability matters more than patch speed, using ML scoring and positive security models to block attack variants before they hit, and contain lateral movement after a breach.
Hardcoded ASP.NET Machine Keys Enable ViewState Deserialization RCE in KnowledgeDeliver LMS
Mandiant reveals that KnowledgeDeliver LMS uses hardcoded ASP.NET machineKeys, enabling unauthenticated RCE (CVE-2026-5426). Attackers craft malicious ViewState payloads, deploy BLUEBEAM in-memory webshell, and infect visitors.
Palo Alto Networks Idira: Democratizing Privilege Control, AI Agent Identity as New Control Plane
Palo Alto Networks launches Idira, an identity security platform built on CyberArk PAM, extending privileged access control to every human, machine, and AI agent identity. Core features include Zero Standing Privilege (ZSP), JIT permissions, and an AI engine for automatically discovering hidden entitlements and recommending least privilege. Idira becomes PANW's third core platform alongside Strata and Cortex.
CrowdStrike Extends XIoT Security to Healthcare with Vertical Focus
CrowdStrike tailored its Falcon for XIoT solution for healthcare environments, using a single lightweight agent for device discovery, vulnerability prioritization and behavior-based threat detection. The solution features non-disruptive deployment to avoid impacting critical medical equipment.