Collecting Cyber-News from over 60 sources

Tag: finance

$300 a Month Android Malware ‘Oblivion’ Uses Fake Updates to Hijack Phones

Feb 25, 2026 12:37 PM

Tags: android, cybersecurity, finance, malware, password, phone, update

Cybersecurity researchers at Certo reveal Oblivion, a new Android Trojan targeting major brands like Samsung and Xiaomi. It bypasses security to steal passwords and bank codes. First seen on hackread.com Jump to article: hackread.com/android-malware-oblivion-fake-updates-hijack-phones/
UAC-0050 Targets European Financial Institution With Spoofed Domain and RMS Malware

Feb 24, 2026 7:02 PM

Tags: attack, finance, intelligence, malware, russia, social-engineering, theft, threat, ukraine

A Russia-aligned threat actor has been observed targeting a European financial institution as part of a social engineering attack to likely facilitate intelligence gathering or financial theft, signaling a possible expansion of the threat actor’s targeting beyond Ukraine and into entities supporting the war-torn nation.The activity, which targeted an unnamed entity involved in regional First…
The Coming Regulatory Wave for AI Agents Their APIs

Feb 24, 2026 6:00 PM

Tags: access, ai, api, attack, ciso, compliance, control, corporate, data, endpoint, finance, framework, governance, guide, infrastructure, leak, monitoring, regulation, risk, tool

For the past two years, the adoption of Generative AI has felt like a gold rush. Organizations raced to integrate Large Language Models and build autonomous agents to assist employees. They often bypassed standard governance processes in the name of speed and innovation. That era of unrestricted experimentation is rapidly drawing to a close. A…
Navigating the Frontier: A Guide to Establishing AI Governance

Feb 24, 2026 5:02 PM

Tags: ai, business, data, finance, governance, guide, privacy, service

Navigating the Frontier: A Guide to Establishing AI Governance 1. Build a Cross-Functional Foundation The first step in any governance program is defining who is responsible for what actions. AI impacts every corner of the business, so a siloed approach will fail. Assemble a Cross-Functional Team: Bring together stakeholders from Marketing, Product Development, Finance, HR,…The…
Crypto platform Step Finance shutting down after $40 million theft

Feb 24, 2026 5:02 PM

Tags: crypto, finance, theft

The decentralized finance platform Step Finance said the theft of $40 million from its treasury in late January led the company to decide to wind down operations. First seen on therecord.media Jump to article: therecord.media/step-finance-cryptocurrency-theft-shutdown
BlueVoyant deckt neue Rift Brigantine-Angriffskampagne auf

Feb 24, 2026 2:02 PM

Tags: finance, soc, software

Um sich vor der neuen Kampagne zu schützen, empfehlen die SOC- und FTC-Forensiker von BlueVoyant Unternehmen, ihre Software ausschließlich aus verifizierten Herstellerquellen oder internen Repositories zu beziehen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/bluevoyant-deckt-neue-rift-brigantine-angriffskampagne-auf/a43807/
Neobank: Ex-Mitarbeiter erpresst offenbar Kunden von Revolut

Feb 24, 2026 2:02 PM

Tags: extortion, finance

Ein Ex-Angestellter von Revolut hat anscheinend während seiner Tätigkeit für die Bank Kundendaten abgegriffen und missbraucht diese nun für Erpressungen. First seen on golem.de Jump to article: www.golem.de/news/neobank-ex-mitarbeiter-erpresst-offenbar-kunden-von-revolut-2602-205772.html
ZeroDayRAT Targets Android and iOS Devices for Surveillance and Financial Data Theft

Feb 24, 2026 10:01 AM

Tags: access, android, crime, cyber, data, finance, mobile, rat, service, theft

ZeroDayRAT targets Android and iOS devices, combining real-time surveillance with direct financial theft within a single browser panel. The Malware-as-a-Service (MaaS) ecosystem is entering a new phase, blending mobile surveillance and financial crime into one seamless platform. Active promotions for this RAT (Remote Access Trojan) began on Telegram channels on February 2, 2026, highlighting its dual purpose: real-time spying and direct financial…
The rise of the evasive adversary

Feb 24, 2026 8:01 AM

Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-day

Big game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape.Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…
What makes Agentic AI capable in secrets scanning

Feb 24, 2026 1:01 AM

Tags: ai, cloud, computing, cybersecurity, finance, framework, healthcare, service

How Can Organizations Securely Manage Non-Human Identities? Have you ever considered how important it is to manage machine identities within your organization’s cybersecurity framework? Non-Human Identities (NHIs) are becoming increasingly crucial with digital evolves, particularly in industries like financial services, healthcare, and cloud-based services. With the surge in cloud computing, the gap between security teams……
Spitting Cash: ATM Jackpotting Attacks Surged in 2025

Feb 24, 2026 1:01 AM

Tags: attack, finance, tactics, tool

The attacks cost banks more than $20 million in losses last year, as criminals used many of the same tools and tactics they have wielded for more than a decade. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/atm-jackpotting-attacks-surged-2025
Moving From Anomalies to Connections in Fraud Defense

Feb 24, 2026 12:02 AM

Tags: ai, ciso, defense, finance, fraud, intelligence, network

Shared Network Intelligence Adds Ecosystem Visibility to AI Models. Fraudsters collaborate, but most banks still detect fraud alone. This imbalance has defined fraud prevention for years. Now CISOs and fraud practitioners are rethinking their approach using network intelligence signals. Network intelligence shifts the lens by focusing on relationships across banks. First seen on govinfosecurity.com Jump…
PayPal Ties Small Data Breach and Fraud to App Coding Error

Feb 23, 2026 8:01 PM

Tags: breach, business, data, data-breach, finance, fintech, fraud, service

Fintech Giant Says Personal Data Exposed for About 100 Business Users of Loan App. Financial services firm PayPal said it discovered a data breach that lasted for six months, exposed some business customers’ personal information and led to fraudulent charges. The company said about 100 customers were affected, and that it has fully refunded them…
PayPal Confirms Six-Month Data Exposure Linked to Loan System Error

Feb 23, 2026 5:02 PM

Tags: data, data-breach, finance, leak

PayPal has confirmed a data leak in its Working Capital loan system that exposed names, dates of birth, and Social Security numbers for six months. First seen on hackread.com Jump to article: hackread.com/paypal-confirms-loan-system-error-data-exposure/
1.2 Million Accounts Exposed in French Bank Registry Breach

Feb 23, 2026 4:00 PM

Tags: access, breach, credentials, data, data-breach, finance, government

Stolen government credentials were used to access France’s FICOBA registry, exposing data tied to roughly 1.2 million bank accounts. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/1-2-million-accounts-exposed-in-french-bank-registry-breach/
Jackpotting Surge Costs Banks Over $20m, Warns FBI

Feb 23, 2026 12:01 PM

Tags: attack, finance

A new FBI Flash alert claims $20m was lost to ATM jackpotting attacks in 2025 alone First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/jackpotting-surge-costs-banks-20m/
23rd February Threat Intelligence Report

Feb 23, 2026 11:02 AM

Tags: access, breach, data, data-breach, finance, intelligence, threat, unauthorized

France’s Ministry of Economy has disclosed a data breach resulted from an unauthorized access to the national bank account registry FICOBA, impacting information tied to 1.2 million accounts. Exposed data includes names, […] First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2026/23rd-february-threat-intelligence-report/
Datenleck: Daten einiger Paypal-Nutzer monatelang geleakt

Feb 23, 2026 10:02 AM

Tags: business, data-breach, finance

Von Juli bis Dezember 2025 konnten Angreifer Daten einiger Paypal-Business-Kunden abgreifen. Auch unbefugte Transaktionen wurden beobachtet. First seen on golem.de Jump to article: www.golem.de/news/datenleck-daten-einiger-paypal-nutzer-monatelang-geleakt-2602-205713.html
13 ways attackers use generative AI to exploit your systems

Feb 23, 2026 9:01 AM

Tags: access, ai, attack, authentication, awareness, breach, captcha, ceo, chatgpt, ciso, cloud, credentials, crypto, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, email, espionage, exploit, extortion, finance, flaw, framework, fraud, google, government, group, hacker, identity, infrastructure, intelligence, law, LLM, login, malicious, malware, marketplace, network, open-source, password, phishing, privacy, ransomware, resilience, risk, saas, scam, service, social-engineering, startup, supply-chain, tactics, technology, theft, threat, tool, vulnerability, zero-day

Facilitating malware development: AI can also be used to generate more sophisticated, or less labour-intensive, malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s detailed line-by-line description…
13 ways attackers use generative AI to exploit your systems

Feb 23, 2026 9:01 AM

Tags: access, ai, attack, authentication, awareness, breach, captcha, ceo, chatgpt, ciso, cloud, credentials, crypto, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, email, espionage, exploit, extortion, finance, flaw, framework, fraud, google, government, group, hacker, identity, infrastructure, intelligence, law, LLM, login, malicious, malware, marketplace, network, open-source, password, phishing, privacy, ransomware, resilience, risk, saas, scam, service, social-engineering, startup, supply-chain, tactics, technology, theft, threat, tool, vulnerability, zero-day

Facilitating malware development: AI can also be used to generate more sophisticated, or less labour-intensive, malware.For example, cybercriminals are using gen AI to create malicious HTML documents. The XWorm attack, initiated by HTML smuggling, which contains malicious code that downloads and runs the malware, bears the hallmarks of development via AI.”The loader’s detailed line-by-line description…
Security Affairs newsletter Round 564 by Pierluigi Paganini INTERNATIONAL EDITION

Feb 22, 2026 4:01 PM

Tags: cisa, data, email, exploit, finance, flaw, international, kev, vulnerability, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. CISA adds RoundCube Webmail flaws to its Known Exploited Vulnerabilities catalog PayPal discloses extended data…
KnowBe4 ernennt erfahrenen Finanzmanager Yuneeb Khan zum CFO

Feb 21, 2026 8:02 PM

Tags: ceo, finance

KnowBe4 ernennt Yuneeb Khan zum Chief Financial Officer. Er wird direkt an Bryan Palma, den CEO von KnowBe4, berichten. Yuneeb Khan wird die Nachfolge von Bob Reich antreten, der seinen Ruhestand angekündigt hat. Beide werden zusammenarbeiten, um einen reibungslosen Übergang bis zum ersten Quartal 2026 zu gewährleisten. ‘Yuneeb Khan’s umfangreiche Erfahrung im Technologiesektor sowie in […]…
PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months

Feb 21, 2026 6:02 AM

Tags: data, data-breach, email, finance, flaw, software

PayPal disclosed a software error in its Working Capital platform that exposed sensitive customer data, including Social Security numbers, for months in 2025. The post PayPal Flaw Exposed Email Addresses, Social Security Numbers for 6 Months appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-paypal-working-capital-data-exposure-2025/
How does NHI impact innovation in cloud-native security solutions

Feb 21, 2026 12:02 AM

Tags: cloud, data, finance, healthcare, infrastructure, service

Are Organizations Fully Realizing the Potential of Non-Human Identities in Cloud-Native Security Solutions? Where businesses continually strive for digital transformation, how do they ensure their security infrastructures evolve at the same swift pace when their innovative endeavors? For sectors like financial services, healthcare, and DevOps, where sensitive data is the currency of trust, the stakes……
PayPal app code error leaked personal info and a ‘few’ unauthorized transactions

Feb 21, 2026 12:02 AM

Tags: data-breach, finance, unauthorized

About 100 customers affected First seen on theregister.com Jump to article: www.theregister.com/2026/02/20/paypal_app_code_error_leak/
PayPal discloses extended data leak linked to Loan App glitch

Feb 21, 2026 12:02 AM

Tags: breach, business, data, data-breach, email, finance, flaw, leak, phone, software

PayPal disclosed a six-month data breach that exposed sensitive user data, including Social Security numbers, due to a software error. PayPal has disclosed a data breach caused by a software bug in its PayPal Working Capital loan app. The flaw exposed sensitive customer information, including customers’ business contact details (name, email, phone number, address), along…
PayPal Flaw Exposed Sensitive Data in Lending App for Six Months

Feb 20, 2026 11:01 PM

Tags: data, data-breach, finance, flaw

A PayPal loan app error exposed sensitive customer data, including SSNs, for nearly six months in 2025. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/paypal-flaw-exposed-sensitive-data-in-lending-app-for-six-months/
US Treasury Department offers secure AI advice to financial services firms

Feb 20, 2026 7:01 PM

Tags: ai, finance, service

The agency developed the resources in partnership with financial executives and other regulators. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/treasury-department-ai-security-guidance-financial-services/812700/
Data breach at French bank registry impacts 1.2 million accounts

Feb 20, 2026 6:01 PM

Tags: breach, cybersecurity, data, data-breach, finance

The French Ministry of Finance has published an announcement informing of a cybersecurity incident that has impacted 1.2 million accounts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/data-breach-at-french-bank-registry-impacts-12-million-accounts/
PayPal Data Breach 6 Months of Users’ Data Leaked Online

Feb 20, 2026 5:02 PM

Tags: breach, business, cyber, cybersecurity, data, data-breach, finance, software

PayPal has begun notifying a small number of customers about a significant cybersecurity incident in which their personally identifiable information (PII) was exposed for nearly six months due to a software error in its PayPal Working Capital (PPWC) loan application. The exposure, which affected business contact details combined with highly sensitive personal data, lasted from…