Two industry leaders at American Banker's Digital Banking conference said banks' fraud and identity controls weren't built for software acting as the customer.

The same groups want the Securities and Exchange Commission to drop its breach-disclosure rule while asking Congress to keep a confidential threat-sharing law.

An employee uploaded customer data to an unauthorized AI app. The bank says it reached the vendor before a model could train on the data.

The order asks major AI companies to voluntarily give the government a preview of their latest models. 

Reports show banks and the agencies that regulate them are both very vulnerable to fast-moving cyber attackers exploiting loopholes in computer systems.

Verizon's 2026 Data Breach Investigations Report finds attackers now break in most often through unpatched software and third-party vendors, not stolen passwords.

The eurozone's top bank supervisor is the latest to act on artificial intelligence's impact on cyber risk, even as U.S. regulators set no formal expectations.

Regulators pushed banks toward multifactor authentication. A new phishing-as-a-service kit, flagged by the FBI, is built to slip right past it.

JPMorgan, Mozilla, Palo Alto and other Glasswing partners have new latitude as Anthropic loosens disclosure rules under congressional pressure.

Columbia caught the attacker still inside its systems on Dec. 19, three days before the access window closed, then took four months to notify customers.

Three senior officials say attackers will eventually breach bank defenses, and supervisors should plan for it — while U.S. regulators stay nearly silent.

The revelation that Mythos, the latest version of Anthropic's Claude large language model, can unearth unknown vulnerabilities in computer systems and websites is a crisis moment, especially for community banks.

Plaintiffs say Team 313 stole Social Security numbers and IDs. Chime says no data left its systems. None of the suits has its own evidence.

The case exposes a systemic risk for banks: incident-response and ransomware-negotiation firms receive sensitive breach details that a corrupted insider can sell back to the attackers.

New York extracted $5 million and a broker registration from Uphold over its promotion of CredEarn, a yield product whose issuer collapsed in 2020.

Banks have publicly said they're on top of the risk presented by Anthropic's Claude Mythos, which can find and exploit software vulnerabilities at unprecedented speed. Experts aren't as sure.

Plaintiffs allege the banks failed to safeguard names, Social Security numbers and account data after a breach at a vendor neither bank has named.

Fintech firm IntraFi's most recent quarterly survey of bank executives showed rising pessimism among bankers related to "instability in Washington," as well as growing concerns about technology-enabled fraud.