BankInfoSecurity.com

Outsiders Could Exploit Misconfig to Stream Commands, Credentials
A misconfiguration in Microsoft's Azure SRE Agent may have allowed any Azure account holder from any company to tap into another organization's agent conversations in real time, watching commands, outputs and credentials, leaving no trace.

Cisco's Jeetu Patel on How Machine-Speed Threats Drive Need for AI-Led Security
Cisco's Jeetu Patel explains how AI models are compressing exploit timelines to minutes, forcing a shift to machine-speed defense, real-time enforcement and deeper ecosystem collaboration to secure critical infrastructure and stay ahead of adversaries.

The European Union Is Cutting Ties With US Tech Companies
The European Commission made a significant move towards "digital sovereignty" by awarding a 180 million euro - approximately $213 million - cloud contract to a quartet of European providers. The deal will allow the commission and the EU Parliament and council to procure sovereign cloud services.

UPGRADE and DigiSeals Programs at ARPA-H Remain Fully Funded
A U.S. federal grant effort to develop autonomous medical device patching platforms for hospitals evaded the budget-cutting knife of the Trump administration. Program boosters hope to automate cyber defenses so that hospitals of any size can more quickly patch vulnerabilities.

Officials Warned New Models Could Accelerate Cyber Risks Faster Than Rules
Global finance officials meeting in Washington warned that advanced artificial intelligence models could expose structural weaknesses across banking and payment systems, speeding vulnerability discovery and cyber exploitation faster than regulators can build guardrails.

Tyler Buchanan Pleads Guilty to Conspiracy to Commit Wire Fraud and Identity Theft
A senior figure in the Scattered Spider cybercrime group pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft on Friday in US federal district court. The plea marks the conclusion of a digital crime spree by Tyler Robert Buchanan.

How We Respond Will Determine the Future Of Cybersecurity and the Digital World
The introduction of Anthropic's Mythos model signals a shift in the cybersecurity industry - one not yet fully understood, which prompted Project Glasswing: a coordinated group of ecosystem partners who have been given early access to this capability to define impending future threats before they hit.

Equifax CTO Jamil Farshchi on Cybersecurity's Response to Flood of Vulnerabilities
Cybersecurity organizations must adapt to machine-speed threats in the age of Anthropic's Claude Mythos, a new AI model that can uncover vulnerabilities and lead to a flood of repaid exploits. Equifax CTO Jamil Farshchi says security programs must be built for scale, automation and quick response.

Bank of America, Citi and Goldman Anchor Partner Cohort for OpenAI's GPT-5.4-Cyber
OpenAI's Trusted Access for Cyber program prioritizes financial institutions to drive adoption of GPT-5.4-Cyber in regulated environments, highlighting a split with Anthropic’s developer-centric, tech-heavy partnerships and raising questions about partnership value and data-sharing models.

CISA Acting Director Says Major Staffing Gaps Are Weakening Federal Network Defense
The acting director of the Cybersecurity and Infrastructure Security Agency said the administration's fiscal year $2.5 billion budget request reflects mounting strain from workforce shortages and shutdown disruptions that have reduced staffing to 40% in recent months.

Also, Eurail Breach, ChipSoft Hospital Disruptions, W3LL Phishing Takedown
This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda scams, major data leaks hit healthcare and China, ransomware and phishing ops surged, and multiple breaches impacted firms and hospitals.

Playbook Aims to Help Healthcare, Public Sector Manage AI Vendor Security Gaps
The Health Sector Coordinating Council released guidance to help the healthcare and public health sector better manage the explosion of third-party AI vendor cyber risk concerns they face, especially as the technology is embedded in all sorts of products.

Critics Call Foreign-Made Router Ban 'Industrial Policy Disguised As Cybersecurity'
Netgear obtained a temporary waiver from the Federal Communications Commission allowing it to continue importing consumer routers through most of 2027, making the networking hardware giant the first consumer brand to circumvent a ban on foreign-made hardware.

Felicis-Led Series A Backs Telemetry Correlation Across Cloud, Identity, Endpoints
Artemis, a New York startup led by former Amazon GuardDuty product leader Shachar Hirshberg, emerged from stealth with $70 million to build an AI-driven SIEM alternative that correlates telemetry across enterprise environments, tailors detections and speeds investigations.

Agencies Prioritizing Tracking Use Over Enforcing Immediate Cutoffs
Federal agency staffers tell ISMG they are still using Anthropic's AI tools weeks after U.S. President Donald Trump ordered an immediate halt, as officials prioritize mapping dependencies and evaluating alternatives over enforcing a rapid shutdown.

CISO Insights Reveal Gaps Between AI Adoption Speed and Data Security Maturity
A survey of 124 CISOs reveals most enterprises have scaled AI but lack confidence in data security controls. With only one in five initiatives meeting KPIs, gaps in enforcement, data trust and visibility are emerging as critical barriers to AI success.

Slumping Stock and Slower Growth Than Rival Rubrik Pave Way for Take-Private Deal
Reuters reported that Commvault is working with Goldman Sachs to explore a sale after receiving takeover interest from both private equity firms and strategic buyers. Thoma Bravo is among the buyers that have expressed interest in Commvault, sources told Reuters.