BankInfoSecurity.com

Steinberger to Lead AI Giant's Multi-Agent Development Team
Peter Steinberger is joining OpenAI to lead development of personal agents, culminating weeks of viral attention paid to his OpenClaw open-source artificial intelligence assistant project. Security experts dubbed it a "dumpster fire" after hackers were quick to add malicious functions.

AI Fumbles, Not Hackers, Pose Next Shutdown Threat by 2028: Gartner
A misconfigured artificial intelligence system could do what hackers have tried and failed to accomplish: shut down an advanced economy's critical infrastructure. The warning centers on scenarios where AI autonomously shuts down vital services, misinterprets sensor data or triggers unsafe actions.

New HHS Enforcement Program Focuses on Patient Confidentiality, Aligning With HIPAA
The U.S. Department of Health and Human Services has launched a new breach reporting website and guidance materials to support its duties of enforcing compliance mandates that went into effect Monday to better align the confidentiality of substance use disorder records with the HIPAA privacy rule.

'Malicious Server Threat Model' Threatens 'Zero Knowledge Encryption' Guarantees
Claims by leading stand-alone password managers that their implementation of "zero knowledge encryption" means stored passwords can withstand the worst of hacker assaults are vastly overblown, say academic security researchers. They said vendors are in the process of patching the flaws they found.

Agentic AI Is Reshaping Security Faster Than Traditional Defenses Can Keep Up
Agentic artificial intelligence is fundamentally altering organizational workflows and how risk materializes. In 2026, emerging cybersecurity trends will push organizations to move from deterministic, rule-based risk models toward adaptive models built for autonomous, non-deterministic systems.

Four Principles Positioning the Nuclear Ecosystem for Long-Term Cyber Resilience
OT weaknesses are compounding across utilities, with 22% of critical infrastructure firms reporting OT incidents and external access driving half of breaches. U.K. NCSC's new guidance outlines connectivity principles that utilities can embed to avoid costly retrofits and compliance issues.

OpenAI Tests Promos, Anthropic Rejects Them Amid Rising Compute Costs
OpenAI has a problem: Most users don't pay for access to ChatGPT. The company is now doing what almost every Silicon Valley company before it has done and turning to digital advertising. Whether ads can bridge OpenAI's well-documented revenue gap without users fleeing is another question.

CIOs Say Stalled Pilots, Vendor Regret and Growing Fatigue Stifle AI Ambition
These may be the halcyon days for enterprise artificial intelligence, where money and ambition are only hindered by imagination as tech vendors race to gain a competitive edge. But CIOs say they're feeling increasing pressure to show ROI - and the reckoning is coming soon.

Deal Targets GenAI Risks, Prompt Injection Attacks and Autonomous Agents
Proofpoint has acquired AI security startup Acuvity to address fast-evolving risks tied to generative AI, prompt injection and autonomous agents. The company says intent-based guardrails and deep AI forensics will help enterprises secure tools such as ChatGPT, Claude and emerging agent frameworks.

VoidCrypt Ransomware Variant Taps RMM Tools, Says Huntress
Management isn't the only advocate for employee monitoring software, according to new research from cybersecurity firm Huntress. RMM tools - simultaneously open to remote connections and with privileged local access - are good for wiggling into corporate networks.

Plaintext Emails Trigger Police Probes Into Potential Leaks of State Secrets
The volume of information contained in the "Epstein Files," bizarre pictures they paint and our inability to know what they don't document complicate attempts to understand what it all means. What is clear is the digital detritus that can be generated by just a single iPad-using Boomer.

McKinsey Reveals How Top Performing Firms Are Redefining Tech Leadership
Before artificial intelligence dominated every technology conversation, the successful CIO focused on keeping business systems up and running while keeping costs in line. But in 2026, the picture is changing, according to McKinsey's Global Tech Agenda 2026.

Review Finds Access Control, Incident Response Gaps for 2 DHHS Data Repositories
A lack of access controls, poor record request handling, weak incident response plans and other security deficiencies related to two critical data repositories are potentially putting millions of Utahans sensitive personal and health information at risk, said a state audit report.

AI Agents Target Anti-Money Laundering at Major Global Banks, Cut Manual Probes
Bretton AI has raised $75 million in Series B funding led by Sapphire Ventures to scale AI agents for anti-money laundering sanctions and KYC compliance. CEO Will Lawrence says the company is targeting large banks with automation designed to reduce manual investigations and improve auditability.

Also: Spanish Hacker Granted Russian Asylum, Microsoft Patches Zero-Days
This week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ministry services offline. BYOVD ransomware. The Conduent breach hit Volvo. Microsoft patched zero-days. ZeroDayRAT targeted devices. The SmarterMail breach. Another Fortinet flaw.