When Attackers Already Have the Keys, MFA Is Just Another Door to Open
Published in Bleeping Computer
The Figure breach exposed 967,200 email records without a single exploit. Understanding what that enables — and why your MFA cannot contain it — is an architectural problem, not a user education problem.
In February 2026, TechRepublic reported that Figure, a financial services company, exposed nearly 967,200 email records in a newly disclosed data breach. No vulnerability was chained. No zero-day was burned. The records were accessible, and now they are in adversary hands…
Read MoreAnthropic Calls Its New Model Too Dangerous to Release
David Perera and Chris Riotta, Bank Info Security
Anthropic Limits Access to New AI Model Amid Concerns Over Misuse
Anthropic asserted Tuesday that it’s created a new era for cybersecurity after developing an artificial intelligence model too dangerous to release to the public. The AI mainstay – also embroiled in a fight with the U.S. federal government over its model deployment for autonomous weapons and surveillance…
Read More
New Deepfake Tool Shows Why Face Alone Is No Longer Proof of Identity
Anthony Kimery, BioMetric Update
The tool illustrates a broader weakness in modern financial compliance and digital identity systems.
JINKUSU CAM is a live deepfake tool that is designed to defeat remote identity verification that is targeting financial institutions and crypto platforms that rely on facial recognition and liveness checks during the Know Your Customer (KYC) onboarding process…
Read MoreTreasury Launches Cybersecurity Initiative Expanding Threat Intelligence Access for Digital Asset Firms
Kevin Helms, News.Bitcoin.com
U.S. Treasury expands cybersecurity coordination with digital asset firms, signaling tighter integration with traditional finance and raising baseline protections as systemic risk exposure grows across crypto markets.
The U.S. Department of the Treasury announced on April 9 a cybersecurity initiative that could redefine risk standards across the digital asset industry. The Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) is leading the effort to expand threat intelligence access. The move strengthens integration between crypto firms and traditional financial…
Read More