Banks race to patch new cyber vulnerabilities, and other cybersecurity news

Banks in the US, EU and Japan are scrambling to fix cyber holes surfaced by Anthropic’s Mythos AI tool, and to prepare for bad actors misusing tools of this type.

While the vulnerability-hunting AI model has only been made available to a limited number of institutions currently, firstly in the US, its impact is being felt worldwide. Banks are discovering previously unknown weaknesses, increasing pressure to accelerate remediation and upgrades, particularly in institutions with ageing legacy systems.

Smaller banks are being warned through shared findings from larger peers, while the European Central Bank (ECB) is urging banks across the eurozone to urgently prepare for cyberattacks. “Lack of access [to Mythos] is no excuse for doing nothing. On the contrary, it makes it even more important for banks to act now,” said ECB Executive Board member Frank Elderson.

The International Monetary Fund has also weighed in, saying that “fast-moving, AI-driven cyber risks could destabilize the financial system if not managed carefully". A new World Economic Forum report, in collaboration with KPMG, lays out how that careful management can be achieved. Empowering Defenders: AI for Cybersecurity says that organizations must choose from four levels of AI autonomy, and that with each there is a trade-off: "machine-speed actions enable cybersecurity professionals to counter AI-driven threats, but reduce the human accountability and oversight needed to catch errors before they cause damage".

The company behind Canvas, the widely used education platform, says it has "reached an agreement" with the hackers behind a major breach that disrupted thousands of universities and colleges across the US, Canada, Australia and the UK in early May.

Instructure said the deal prevented the publication of 3.5 terabytes of stolen student and university data and included “digital confirmation” that the material had been destroyed, although the BBC said the company stopped short of spelling out whether money changed hands.

The deal is seen by many cybersecurity experts as a risky trade-off, because there is no guarantee that the stolen data is actually deleted and it may also set a precedent and encourage further attacks.

A recent survey by a US cybersecurity company found that 58% of Chief Information Security Officers are willing to pay hackers to "minimize disruption". But this approach can backfire, says Cybersecurity Insiders, with ransomware attacks now often involving a 'double extortion' – in which data is first stolen and then organizations are locked out of their own networks.

World Cup build-up sparks cyber warnings: A UK cybersecurity expert has warned that the upcoming 2026 football tournament across the US, Canada and Mexico could be "a temporary single point of failure" because it is a large spectacle with global visibility. Dr Aybars Tuncdogan of King's College London Business School cited AI and geopolitical tensions as extra risk factors. Separately, a cybersecurity firm has warned that criminals are taking advantage of fans' excitement, with a rise in fake tickets, websites and phishing campaigns.

Fresh set of cyberattacks on Ukraine: The threat group known as Ghostwriter is believed to be behind a recent spate of cyberattacks targeting governmental organizations in Ukraine. The Hacker News reports that the attacks involved PDF decoy documents, with the phishing emails impersonating a local telecommunications company.

First AI-generated zero-day exploit detected: Google has identified a zero-day exploit – a cyberattack that is unknown to the vendor, developers or the public -developed using an AI model, reports Security Week. Designed to bypass two-factor authentication, this is the first time AI has been used to develop such an exploit. Google has not named the hacker group, but says the discovery may have prevented "a mass exploitation event".

OpenAI victim of supply chain attack: ChatGPT developer OpenAI has disclosed that two of its employee devices have been impacted by the supply chain attack on TanStack. On a blog post about the incident, the organization said they "found no evidence that OpenAI user data was accessed, that our production systems or intellectual property were compromised, or that our software was altered".

Cyber-crime network taken down for second time: German police shut down the second iteration of Crimenetwork in early May, a criminal marketplace that was first stopped in December 2024, according to Security Week. Both versions allowed criminals to trade illegal goods and services, like stolen data, drugs and fake documents, with transactions made in cryptocurrency such as Bitcoin. Law enforcement evidence suggests Crimenetwork was making more than $4.2 million in revenue.

Annual Meeting on Cybersecurity 2026: Cybersecurity has become a systemic, economic and strategic imperative in an AI-driven, fragmented world. This was not a gradual evolution; it was a fundamental shift. Against this backdrop, leaders convened at the World Economic Forum’s Annual Meeting on Cybersecurity 2026 in Geneva to advance cooperation and shape a more resilient digital future.

Cybercrime has evolved into a vast and complex ecosystem, comprised of diverse players that trade, collaborate, specialize and depend on each other across every phase of criminal operations. To combat such activity, greater transparency and shared information are required. The Forum’s Cybercrime Atlas helps bridge these gaps by building a shared understanding of cybercriminal networks and enabling more coordinated action. Learn more about the initiative here.

The transition to quantum-safe security is well underway, impacting every layer of the digital economy and providing the opportunity to build stronger cyber resilience. But it's a complex process, explains this expert. Standards have to be embedded and then deployed across the infrastructure societies depend on every day. And that process only works when each layer moves with clarity and alignment.

Nation-state bad actors now use cyber attacks to actively sabotage critical infrastructure like hospitals, power grids and transit networks, with the burden of defending such infrastructure falling on cash- and resource-strapped local authorities. Deploying AI for defence can close the gap between physical operational technology and digital IT networks by matching the speed of attackers, argues the CEO of a US cybersecurity company.