惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Hacker News
The Hacker News
F
Full Disclosure
Cloudbric
Cloudbric
Blog — PlanetScale
Blog — PlanetScale
W
WeLiveSecurity
N
News and Events Feed by Topic
T
Troy Hunt's Blog
V2EX - 技术
V2EX - 技术
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
B
Blog
GbyAI
GbyAI
C
Check Point Blog
B
Blog RSS Feed
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Recorded Future
Recorded Future
The Last Watchdog
The Last Watchdog
N
News and Events Feed by Topic
T
The Blog of Author Tim Ferriss
O
OpenAI News
V
V2EX
人人都是产品经理
人人都是产品经理
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
IT之家
IT之家
WordPress大学
WordPress大学
www.infosecurity-magazine.com
www.infosecurity-magazine.com
S
Security @ Cisco Blogs
C
Cisco Blogs
Security Latest
Security Latest
S
Security Affairs
V
Visual Studio Blog
C
Cybersecurity and Infrastructure Security Agency CISA
Hacker News - Newest:
Hacker News - Newest: "LLM"
博客园 - 司徒正美
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Microsoft Azure Blog
Microsoft Azure Blog
Last Week in AI
Last Week in AI
AWS News Blog
AWS News Blog
雷峰网
雷峰网
Apple Machine Learning Research
Apple Machine Learning Research
PCI Perspectives
PCI Perspectives
博客园_首页
U
Unit 42
Google DeepMind News
Google DeepMind News
Hugging Face - Blog
Hugging Face - Blog
Project Zero
Project Zero
Cisco Talos Blog
Cisco Talos Blog
The Register - Security
The Register - Security
N
Netflix TechBlog - Medium
L
LINUX DO - 热门话题
H
Hacker News: Front Page

Cybersecurity Dive - Latest News

Dozens of Red Hat npm packages targeted in supply chain attack Turning tension into collaboration: How CIOs and CISOs can lead together Trump signs EO seeking early government access to powerful AI models Anthropic shares Mythos with 150 more organizations, including critical infrastructure operators Without strong governance, companies put credit ratings at risk in AI era CISA adds critical Palo Alto Networks firewall flaw to KEV as company, researchers warn of exploitation How Canva scaled to 260+M users while elevating security and productivity Top 4 data security best practices for the AI-enabled enterprise CISA urges security teams to check for software development compromises How CISOs can manage sovereign-cloud security risks IBM’s new $5B initiative will help enterprises rapidly patch open-source vulnerabilities Enterprise data is creeping its way into shadow AI tools Coordinated operation takes down Glassworm botnet Leading AI models are more vulnerable to malicious prompts than vendors claim Iranian government, not hacktivist group, breached LA Metro system, security firm says FBI warns about PhaaS platform used to access Microsoft 365 environments Iran-linked hackers target key US, allied sectors with sophisticated spear-phishing messages New York regulator calls for additional cyber mitigation amid heightened threat environment CISA asks cybersecurity community to alert it to vulnerability exploitation Grafana Labs links GitHub environment breach to TanStack npm supply chain attack 7-Eleven hit by data breach Microsoft disrupts cybercrime operation that hid behind legitimate software Compromised coding tool helped hackers breach thousands of GitHub repositories Telecom sector launches its own private ISAC Patch bypass allows hackers to exploit prior flaw in SonicWall SSL-VPN Grafana Labs says hacker gained access to codebase through leaked token How a government contest launched a revolution in AI-based bug hunting Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller MSPs need AI to fight AI-fueled cyberthreats: Guardz More money is going to physical security, but it’s often CISOs that oversee it: EY Frontier AI models reap rapid discovery of security vulnerabilities West Pharmaceutical starts restoring operations after ransomware attack Foxconn confirms cyberattack affecting some North American facilities OpenAI launches Daybreak to combat cyber threats Canvas owner reaches ‘agreement’ with threat actors after data breach Guardrail Technologies launches Traffic Light for Code & AI™; first security technology to verify & secure AI code and the people creating it Identity takes center stage as a leading factor in enterprise cyberattacks AI and an absent government: Takeaways from RSAC 2026 Second Canvas data breach causes major disruptions for schools, colleges AI used to develop working zero-day exploit, researchers warn New cybersecurity industry alliance aims to lead US critical infrastructure protection Identity is the new perimeter as rapid NHI proliferation threatens visibility and control Instructure confirms cybersecurity incident Anthropic’s Claude used in attempted compromise of Mexican water utility Businesses hide vast majority of ransomware attacks, report finds Palo Alto Networks warns state-linked cluster behind zero-day exploitation Businesses eager but unprepared for AI to transform their security strategies Iran-sponsored threat group behind false flag social engineering campaign NIST will test three major tech firms’ frontier AI models for cybersecurity risks Trellix investigating breach of source code repository CISA urges critical infrastructure firms to ‘fortify’ before it’s too late Critical vulnerability in cPanel leads to widespread exploitation New MOVEit vulnerabilities prompt urgent patch warning How OpenClaw’s agent skills become an attack surface White House questions tech industry on defensive AI use, cybersecurity resilience As email phishing evolves, malicious attachments decline and QR codes surge US and allies urge ‘careful adoption’ of AI agents PwC partners with Google Cloud to take on the managed security market US agencies promote zero-trust practices for operational technology networks CISA adds Microsoft, ConnectWise vulnerabilities to active exploitation catalog State CISOs losing confidence in ability to manage cyber risks ‘Fundamental tension’ undermines manufacturers’ cybersecurity North Korea-linked actor targets Web3 execs in social-engineering campaign US, UK authorities warn that Firestarter backdoor malware survives patching Major critical infrastructure supplier reports cyberattack When security becomes the attack surface: Why endpoint protection must evolve Hasbro expects March cyberattack to impact second-quarter revenue AI-written software creates hassles for wary security teams Iran-nexus threat groups refine attacks against critical infrastructure China disguises cyberattacks with ‘covert network’ botnets, US and allies warn Trump’s CISA director pick withdraws after tumultuous nomination Phishing — sometimes with AI’s help — topped initial-access methods in Q1, Cisco says Microsoft SharePoint vulnerability widely exposed across multiple countries CISA urges security teams to view environments following axios compromise CISA confirms exploitation of 3 more Cisco networking device vulnerabilities Stellantis teams with Microsoft to strengthen digital capabilities Vulnerability exploitation surges often precede disclosure, offering possible early warnings Vercel systems targeted after third-party tool compromised Beyond IT: Cybersecurity is a strategic business risk TP-Link routers face exploitation attempt linked to high-severity flaw US joins nearly two dozen other countries in striking back against DDoS-for-hire platforms CIOs fret over rising security concerns amid AI adoption CISA cancels prestigious summer internships, citing government shutdown NIST limits vulnerability analysis as CVE backlog swells Medium-severity flaw in Microsoft SharePoint exploited FCC exempts Netgear from foreign router ban FCC signals continued commitment to Cyber Trust Mark program Brute-force cyberattacks originating in Middle East surge in Q1 CISOs see gaps in their incident response playbooks US, Indonesia shut down ‘sophisticated’ phishing kit Nearly 4K industrial control devices vulnerable to Iran-linked hacking campaign Stryker warns of earnings fallout from March cyberattack NERC is ‘actively monitoring the grid’ following Iran-linked cyber threat CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog US operation evicts Russia from hacked SOHO routers used to breach critical infrastructure Iran-linked hackers target water, energy in US, FBI and CISA warn React2Shell vulnerability helps hackers steal credentials, AI platform keys and other sensitive data Olympic Games, FIFA World Cup offer huge platforms, rich cyberattack surface Threat cluster launches extortion campaign using social engineering CISA’s vulnerability scans, field support on chopping block in Trump budget
Big banks seek to ease security worries as AI push accelerates
Makenzie Holland · 2026-04-21 · via Cybersecurity Dive - Latest News

Banking giants aren’t slowing their AI investments as they pursue efficiency and productivity gains from the technology’s implementation. However, the latest frontier model developments are causing a cybersecurity stir among financial institutions. 

Firms including JPMorgan Chase, Morgan Stanley, Goldman Sachs, BNY and others reported earnings results for the first quarter of 2026 this week. While executives focused on AI wins and the technology’s potential in the industry, several fielded concerns about frontier AI models and their implications for cybersecurity.  

Anthropic earlier this month said its Claude Mythos Preview frontier model could reshape cybersecurity as it surpasses human capabilities of finding and exploiting software vulnerabilities. The model provider claims Mythos Preview has already discovered thousands of serious vulnerabilities across major web browsers and operating systems. Anthropic formed Project Glasswing with partners, including JPMorgan Chase, as a result. Launch partners will be using Mythos Preview in their defensive cybersecurity work, according to Anthropic. 

“JPMorgan is very well protected,” CEO Jamie Dimon said during the company’s Q1 2026 earnings call Tuesday. “We spend a lot of money, we’ve got top experts, we’re in constant contact with the government. We’re constantly updating things, but AI has made it worse, it’s made it harder. Of course, we read about Mythos, which we’re testing now and looking at it and it does create additional vulnerabilities.” 

Morgan Stanley CEO Ted Pick also addressed cybersecurity concerns around AI frontier models during the company’s earnings call Wednesday. The company is working with Mythos Preview to improve its cybersecurity infrastructure, an area the firm has long invested in, Pick said. 

“AI is our friend, OK?” he said. “It is just the latest generation of technology that is going to be part of the ecosystem.”  

For nearly all banking executives, data security, privacy and risk will be the top factors affecting AI strategy over the next six months, with 80% of executives including cyber and data security in their AI budgets, according to KPMG’s AI Quarterly Pulse Survey.

Projected AI spend for banks over the next 12 months reached $177 million in Q1 2026, a 33% increase from the previous quarter, the survey found. Banking institutions’ AI investments will continue to grow, moving from isolated use cases to enterprise-wide integration, said Chris Long, KPMG U.S. advisory leader in financial services. 

“The priority now is scaling AI capabilities across the organization while strengthening governance, monitoring and controls to detect misuse, prepare for bad actors, and align risk, compliance, and business functions to support responsible growth,” he said in an emailed statement. 

AI gains in banking

Despite AI risk concerns, banks are capitalizing on the technology’s benefits and pouring resources into business transformation. 

Goldman Sachs is leaning on AI to accelerate growth and efficiency within the company’s business operations. The bank plans to double down on infrastructure as it builds out its One Goldman Sachs 3.0 AI operating model, including accelerating investments in cloud migration and data accuracy, CFO Denis Coleman said.  

“These investments are critical to optimizing the deployment of AI solutions across the firm, which will allow us to unlock greater productivity and efficiency opportunities over time,” Coleman said during the Monday earnings call

Morgan Stanley is also zeroed in on AI gains, including moving beyond small wins such as automating routine operational functions to transformational business overhauls leading to productivity boosts, Pick said. 

“A lot of the good that AI is going to bring both as an efficiency and effectiveness matter should not get dismissed because that’s an important phenomenon that’s going to continue to transform this firm,” he said. 

BNY has focused on broad AI adoption, developing more than 200 AI products such as agentic digital employees operating alongside humans, CEO Robin Vince said during the Thursday earnings call. 

The banking giant plans to increase AI adoption in 2026 as it embeds the technology in workflows across the company and focuses on using AI to enhance end-to-end processes, he said, adding that the technology is already contributing to the bank’s financial performance. 

“AI is helping us increase the pace at which we innovate our technology, accelerate onboarding, improve client service and streamline processes,” Vince said. 

Security is also top of mind for the bank. BNY is running the Mythos Preview model and is part of OpenAI’s Trusted Access for Cyber program, which the model provider expanded in preparation for future, more capable AI models. 

“What AI really is now is a superpower,” Vince said. “It can be used for good and it can be used for evil. We’re pulling the superpower into our environment to use for good in order to be able to defend ourselves. We view this as an entirely predictable evolution of the technology.” 

End-to-end process improvement and cybersecurity are also on Citigroup’s radar. The financial services firm is using AI for operational efficiency gains by simplifying complex and manually-intensive processes, as well as cybersecurity defenses, said CEO Jane Fraser during the company’s earnings call Tuesday. 

Citi’s enterprisewide approach to AI also focuses on revenue generation and workforce implications, Fraser said. 

“We are methodically deploying AI at scale across the firm to drive revenues and process improvements, enhance client experiences and strengthen our defensive capabilities,” she said.