Jumping to the conclusion that Vault 7 proves Cozy Bear and Fancy Bear were CIA provocations? Well, jump whither thou listeth, but do so after considering the Intercept's sensible observation: you're probably seeing economical code reuse as opposed to false flags. It's unsurprising, most observers say, that the CIA (or any intelligence service, for that matter) would repurpose code pulled from the wild if that code met mission needs. The Bear sisters remain, in all probability, the медведи they've long been taken for.
Emerging security industry consensus holds the interesting question about the Vault 7 dumps to be just how the material leaked.
The leaks do include some commentary on the relative difficulty of bypassing various security products. Some fare better than others, if the leaks are to be believed. KrebsOnSecurity thinks one lesson industry should draw from Vault 7 is that money spent on marketing might be better applied toward "stress-testing" products.
RAND has an interesting study out on the zero-day market. Much of the commentary on the report takes it as a given that purchasing and "stockpiling" zero-days is a bad practice. That may be true, but the issue's not entirely clear. See this discussion of the Vulnerabilities Equities Process at CyCon last October for intelligent advocacy from the debate's two sides.
Cisco's Talos unit reports that an Apache Struts zero-day is being actively exploited. Users are urged to patch.
Eastern European NATO members urge the US to apply "soft power" against Russian assertiveness (that is, more information operations).