BankInfoSecurity.com

Also, HexDex Arrest, Black Axe Crackdown, LeRobot RCE Flaw
This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation targets Tibet. Exploited ScreenConnect and Windows flaws raise alarms. Minecraft gamers hit with stealer malware. A critical AI framework bug enables remote code execution.

Goal Is for Faster, Better Treatment Innovation, Drug Therapies
The U.S. Food and Drug Administration is planning to launch a pilot program aimed at advancing real-time clinical trials through the use of artificial intelligence tools and data science. The goal is to accelerate the development of promising new drugs, which often end up slowed down in bottlenecks.

Elon Musk's Lawsuit Threatens a $852B AI Empire
Elon Musk took the stand this week in a lawsuit that could unwind OpenAI's corporate structure, derail its IPO bid and transform the artificial intelligence landscape. The stakes are high for enterprise customers that bet on OpenAI's technology platform.

Federal Charges Target Recruiters, Managers in Scam Centers After Global Takedown
U.S. and international law enforcement agencies dismantled a network of overseas scam centers linked to cryptocurrency investment fraud schemes, officials said Wednesday, arresting at least 276 individuals in a crackdown across the Middle East and Southeast Asia.

Fabrix Security Buy Adds Real-Time Decisioning for Human and Machine Identities
Silverfort's acquisition of Israeli startup Fabrix Security adds AI-driven, real-time access decisioning built on a contextual knowledge graph, aiming to replace static policies and scale identity security for human, machine and agentic identities operating at machine speed.

Google Cloud Capacity Could Help Anthropic Ease Model Growth Constraints
Google's up to $40 billion bet on Anthropic would deepen its role as investor, cloud supplier and Gemini rival while giving the San Francisco-based Claude maker critical compute capacity amid surging demand and scrutiny of circular AI infrastructure deals.

CIOs Face Growing Pressure on Risk, Data and Board Reporting
As AI moves deeper into enterprise operations, CIOs are being pushed to turn governance principles into practical controls, board reporting and risk oversight, according to a survey by The Conference Board's Governance and Sustainability Center.

Governments Have Long Warned About Kremlin Social Engineering Hacks
Signal is defending the security of its systems following a series of phishing attacks that took place on the encrypted messaging platform, and that reportedly compromised members of the German government including the president of the country's parliament.

Exclusion of OT From AI-Powered Vulnerability Discovery Poses Risks to National Security
Hyperscalers and IT behemoths are on the list, while OT companies are not. The list in question includes the companies that have special access to powerful new models from the two major U.S. frontier AI labs to identify vulnerabilities before hackers get access to similar technology.

How Risk-Centric Architecture, Unified Pricing Give SOC Managers Total Visibility
Security teams can't afford to leave assets unprotected, but per-endpoint pricing forces exactly that trade-off. Learn how abandoning rigid license models and adopting risk-centric architecture gives SOC teams total visibility and kernel-level prevention across every environment.

AI Tool Used to Discover Bugs, Which Included 2 Maximum Severity Vulnerabilities
Researchers at security firm AISLE said they recently identified 38 vulnerabilities, including two maximum-severity zero-day flaws in OpenEMR, an open-source electronic medical record software platform used by about 100,000 healthcare providers globally. OpenEMR has patched the problems.

Claude-Powered Tool Deletes Production Data, Then Explains Its Failures
A Claude Opus 4.6-powered coding agent erased three months of PocketOS production data in a single API call after misusing an over-permissioned token. The system later, when prompted, admitted to violating safety rules.

An On Demand video from ID Dataweb
Scattered Spider is rapidly expanding its reach, exploiting identity processes and help desks to infiltrate organizations. Discover their tactics and the steps you can take now to reduce risk. Watch the webinar.

Digital Passkeys That Synchronize Across Devices Are Easier, Faster, More Secure
Forget passwords: British cybersecurity officials now recommend using digital passkeys whenever they're available, finding that passkeys offer better and faster security, with lower costs for services that provide them, compared to widely despised passwords.

Why AI and Traditional Penetration Testing Must Converge
As artificial intelligence red teaming evolves beyond prompt injection, security teams must combine data science, model testing and traditional penetration testing to assess risks across the full attack surface.