From credit bureaus to software providers, 2025 saw attackers bypass bank defenses by targeting the supply chain and using social engineering.

Fifty-four individuals tied to the Tren de Aragua gang face charges for using Ploutus malware to drain millions from community banks and credit unions.

ServiceNow, with its largest-yet M&A deal, will fold Armis' threat prevention services into its larger cybersecurity suite.

An American Banker survey found that bankers think the industry isn't prepared for growth in artificial intelligence and digital assets.

The National Institute of Standards and Technology's preliminary draft helps banks integrate artificial intelligence into their existing security strategies.

New research from American Banker explores how bankers predict stablecoins, subprime credit, cyber security and other factors will shape the industry at large.

A breach at an auto lending compliance provider highlights third-party vendor risks and has triggered class action lawsuits against the firm.

New data shows a 21% jump in fraud attempts during Thanksgiving week, with automated bots and credential stuffing leading the charge.

Part of the growing "phishing-as-a-service" economy, the Spiderman kit offers novice hackers sophisticated tools to target customers of major EU institutions.

The DOJ says the Ukrainian national helped coordinate Russian state-sponsored DDoS attacks against banks internationally.

The lawsuit alleges the fintech giant secured its own corporate data with strong MFA while leaving client systems vulnerable to compromise.

While overall payments declined, the financial sector remained the top payer to cybercriminals, surpassing both health care and manufacturing.

More than 400,000 consumers may be affected after Marquis Software Solutions suffered a breach traced to a bug in SonicWall software disclosed last year.

While banks welcome the "whole-of-government" approach that led the effort, private sector takedowns remain difficult without federal warrants.

The Troy, Michigan-based lender and servicer faces at least seven lawsuits over a hack in June allegedly perpetrated by a known ransomware gang.

Regulators officially ended the high-profile enforcement action over the 2020 breach, a move applauded by security leaders fearing personal liability.

Kunal Mehta, also known by the alias "Shrek," used shell companies and bulk cash drops to clean millions for a cybercrime ring that stole $263 million.

A "spike in unusual traffic" caused service degradation for the infrastructure giant, disrupting digital banking for customers.

The bank is adding trusted contacts, specialized teams and new tech against scams, but consumer advocates say reimbursement is the key missing piece.

The agreement, if approved by a federal judge, would end litigation over two distinct cybersecurity incidents in 2021 which affected over 2 million customers.