Keyword: threat intelligence
34 Total Reports
1/2 Page
Google Cloud Other 2026-06-25

Google Cloud Multi-Agent Architecture Shifts Control from Human to Autonomous Verification

Google Cloud introduces agent-scale data management with multi-agent verification to reduce human oversight. It deploys six Gemini agents with Nokia for autonomous network operations. Amazon plans to commercialize Trainium chips, intensifying AI hardware competition against Google TPU and Nvidia GPU.

Google Other 2026-06-24

Mandiant Reveals Cisco SD-WAN Manager Zero-Day: Control Plane Becomes Prime Target

Mandiant identified a zero-day (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager, exploited via a malicious CSV upload to escalate to root. The intrusion involved rogue peering, credential manipulation, and anti-forensic cleanup. This highlights SD-WAN centralized control planes as a new attack surface for advanced threats.

Microsoft Azure Other 2026-06-22

Google unveils 8th-gen TPU: 3x training speed, 3x SRAM for inference, redefines AI compute TCO

At Cloud Next 2026, Google launched 8th-gen TPU with dual variants: TPU 8t for training (9600 per pod, 2PB shared memory) and TPU 8i for inference (1152 per pod, 3x on-chip SRAM). Also announced Gemini Enterprise Agent Platform, N4 Axion ARM instances (2x price-performance vs x86), and AI-driven security with Wiz.

Cisco Other 2026-06-17

Cisco AI Defense Adds Agent Harness Red Teaming for Agentic AI Security

Cisco introduces Agent Validation in AI Defense: Explorer Edition, a dedicated red-teaming capability for agentic AI systems. It autonomously probes agent harness attack surfaces, including tool routes, indirect content channels, and persistent state, providing verified findings beyond chat-based security assessments.

CrowdStrike Other 2026-06-16

CrowdStrike Continuous Identity for AI Agents Shifts Control Plane

At Identiverse 2026, CrowdStrike launched Continuous Identity for AI Agents, a Falcon Next-Gen Identity Security capability. Using SPIFFE for verifiable agent identity, it dynamically grants/revokes access based on real-time risk, eliminates standing privileges, and integrates with Falcon AIDR to detect privilege misuse, shifting the identity control plane from static policies to continuous risk assessment.

CrowdStrike Other 2026-06-16

CrowdStrike's Continuous Identity for AI Agents: Real-Time Risk Engine Replaces Static Policies

CrowdStrike launches Continuous Identity for AI Agents, assigning cryptographically verifiable identities via SPIFFE and authorizing every agent action based on owner, caller, and device risk in real time. It eliminates standing privileges, integrates with Falcon AIDR for permission misuse detection, and extends the identity security control plane across human, non-human, and AI identities.

Palo Alto Networks Other 2026-06-15

Palo Alto GlobalProtect VPN 0-Day Under Active Exploit: Gateway RCE Exposes Remote Access Risks

A critical unauthenticated remote code execution vulnerability in Palo Alto Networks GlobalProtect VPN is under active exploitation. This flaw directly compromises the VPN gateway, a key enterprise remote access component, exposing networks to potential takeover. Urgent patching and log review are mandated for all affected organizations.

Cloudflare Other 2026-06-09

Cloudflare as Customer Zero: Layered Defense Architecture Against Frontier AI Threats

Cloudflare reveals its production defense architecture against frontier AI models, using itself as customer zero. It combines WAF Attack Score, API Shield, Bot Management, Zero Trust, and MCP Server Portal. Core insight: the architecture around the vulnerability matters more than patch speed; ML scoring and positive security models block attack variants before they hit and contain lateral movement after a breach.

Cloudflare Other 2026-06-08

Cloudflare Embeds Live Threat Intel into WAF, Shifting Control from Manual Rules to Automated Engine

Cloudflare announces integration of real-time threat intelligence (from Cloudforce One) into its WAF engine, enabling proactive rules based on IP, attacker names, target industries, etc. It uses always-on detection with O(1) constant-time lookup for negligible latency. Matching is currently IP-based, with plans for JA3 and domain matching.

Cisco Other 2026-06-04

Cisco AI Defense + AppOmni Extends Runtime Guardrails to SaaS AI Agents

Cisco integrates AI Defense with AppOmni, using AgentGuard as a real-time intercept layer inside SaaS environments. Custom guardrails now apply to Microsoft 365 Copilot, ServiceNow Now Assist, and other SaaS agents, monitoring MCP, chat, and agent-to-agent channels to block prompt injection, tool exploitation, and data exfiltration with a unified policy engine.

Cisco Other 2026-06-01

Cisco Talos Threat Hunting Expands Across Endpoint, Network, and Identity Domains

Cisco Talos expands threat hunting to network (Cisco Firewall) and identity (Cisco Duo) domains, using an AI-driven engine for hypothesis-based searches. Findings are delivered via Cisco Security Cloud Control, targeting stealthy threats that evade alert-based detection.

NVIDIA Other 2026-06-01

NVIDIA BlueField DPU In-Silicon Security Shifts AI Factory Control from Software to Hardware

NVIDIA unveils the DOCA security stack (Argus, Vault, Flow) on the BlueField-4 DPU, enabling hardware-isolated runtime threat detection via zero-copy memory analysis, zero-trust file access, and 800 Gb/s network enforcement. This shifts security control from the host OS to DPU silicon, delivering distributed full-stack protection without compromising AI throughput, but it is deeply tied to the Vera Rubin platform, creating ecosystem lock-in.

Check Point Other 2026-05-28

Check Point Agentic Exposure Validation: AI Agents Counter Autonomous Exploitation

Check Point launches Agentic Exposure Validation (AEV), using AI agents that reason like attackers. It correlates exposure data, asset context, and live threat intelligence to safely prove what is exploitable. Part of CTEM, it enables evidence-based reduction before AI-driven adversaries act.

Google Other 2026-05-25

Hardcoded ASP.NET Machine Keys Enable ViewState Deserialization RCE in KnowledgeDeliver LMS

Mandiant reveals that KnowledgeDeliver LMS uses hardcoded ASP.NET machineKeys, enabling unauthenticated RCE (CVE-2026-5426). Attackers craft malicious ViewState payloads, deploy the BLUEBEAM in-memory webshell, and infect visitors.

Google Other 2026-05-21

Google Antigravity Control Plane Redefines AI Development, Locks Agent Orchestration

At I/O 2026, Google launched Antigravity 2.0 desktop app and CLI/SDK as a unified agent control plane, alongside Gemini 3.5 Flash/Omni models, Managed Agents API, and native Android support in AI Studio. This aims to streamline AI development from prototype to production, but effectively locks developers into Google's ecosystem and cloud services.

Cloudflare Other 2026-05-18

Cloudflare Tests Anthropic Mythos: AI-Driven Exploit Chain Construction and Proof Generation

Cloudflare's Project Glasswing tested Anthropic's Mythos Preview, revealing its ability to automatically chain multiple low-severity bugs into exploitable PoCs with runnable code. They built a multi-stage harness to manage noise and context limits, achieving a significant leap in vulnerability discovery quality.

Cisco Other High Signal 2026-04-30

Cisco Publishes Model Provenance Constitution, Defining Weight-Level Derivation Standards

Cisco published the 'Model Provenance Constitution' to provide a normative definition for AI model supply chain safety. The standard strictly hinges on the verifiable derivation history of model weights, clearly delineating five types of provenance links (e.g., direct descent, distillation) and eight exclusions (e.g., independent reproduction), aiming to resolve industry inconsistencies in model provenance definitions.

Cisco Other High Signal 2026-04-30

Cisco Open Sources Model Provenance Kit, Targeting AI Supply Chain Security Governance

Cisco released the open-source Model Provenance Kit, which uses a tiered strategy to analyze model metadata, tokenizer structure, and weight-level signals to generate unique fingerprints and verify the lineage and integrity of AI models. This aims to address risks of tampering, forgery, and compliance in the AI model supply chain.

Cisco Other Medium Signal 2026-04-29

Cisco Pushes Service Providers to Monetize Embedded Security

Cisco's blog argues that service providers must shift from viewing security as a cost to treating it as a growth engine. The core premise is that by embedding security natively into network infrastructure, providers can offer high-value security-as-a-service and capture new B2B revenue in a commoditized bandwidth market.

Google Other 2026-04-29

Google Opens TPU Hardware to On-Prem, 8th-Gen Chips Target Nvidia

Google announces 8th-gen TPUs (8t for training with 3x performance over Ironwood, 8i for inference with 80% better perf/dollar) and plans to deliver TPU hardware directly to customer data centers. Also closed Wiz acquisition to bolster AI security. This marks a strategic pivot from cloud-only to hardware supplier.