Holiday Hits: Hackers Love to Strike When Defenders Are Away
- Attack intensity surged during the holiday period.
- Hackers used highly automated bots to maximize dwell time before discovery.
Public regulatory intelligence
What changed and why it matters
A source-linked regulatory intelligence feed for Texas credit union compliance and executive leadership. Use it to catch up quickly before diving into the underlying material.
Start with the clearest developments below, then open the original source material when you need the governing detail. The source remains the authority.
Outtake Gets $40M to Grow Automated Threat Response
Outtake will invest $40 million in its automated platform for digital risk protection and open-source threat intelligence; CEO Alex Dhillon highlights the agent-led model's scalability over manual labor.
Breach Roundup: Android RAT Hides Behind Hugging Face
- Researchers exposed an Android RAT abusing Hugging Face.
- A SmarterMail flaw was exploited by attackers.
AI, Deepfakes Are Top Risks for Financial Crime Specialists
- Financial crimes specialists face increased challenges due to the use of AI and deepfakes.
- The Association of Certified Anti-Money Laundering Specialists recommends better data, architecture, and AI-based detection systems.
Ambulance Billing Firm Pays $515K Fine to 2 States in Hack
- Comstar paid $515,000 to Massachusetts and Connecticut regulators after a 2022 hacking incident affecting nearly 350,000 residents.
- The firm also settled HIPAA allegations for $75,000 last year related to the same breach.
Cryptohack Roundup: Probe Into Missing Seized Bitcoin
- South Korean prosecutors are investigating missing seized bitcoin.
- The U.S. SEC dropped litigation against Gemini Earn.
Data Breaches in America Hit All-Time Record High in 2025
- 3,322 known U.S. incidents of data breaches were reported in 2025, setting an all-time record high.
- The number of notifications sent to affected consumers decreased sharply.
AI Use by CISA Chief Alarms Cyber Officials
CISA Acting Director uploaded sensitive documents to ChatGPT; internal alerts issued; concerns raised about AI governance and leadership judgement.
Inside Arizona's Push to Modernize and Secure Campus IT
The University of Arizona is centralizing its IT environment and unifying core platforms for teaching, research, and operations; Elliott Cheu, the university's CIO, oversees this modernization and security agenda.
'AI-Powered' Services Firm Says Hack Affects 3.1M
• The breach affected nearly 3.1 million individuals nationwide.
• HCIactive, an AI-powered services firm based in Maryland, experienced a hack impacting healthcare data.
Webinar | AI & Quantum Attacks Exposed: Your Survival Guide for the Next-Gen Threat Era
The webinar discusses AI and quantum attacks, providing a survival guide for credit unions in the next-generation threat era; highlights include understanding emerging threats, implementing robust cybersecurity measures, and staying informed about new technologies.
Aligning Substance Use Privacy Regs With HIPAA Isn’t Simple
Revisions to 42 CFR Part 2 are coming into effect soon to better align with HIPAA; compliance adjustments are necessary but complex. Attorney David Holtzman advises careful program modifications.
Idis Surveillance Management Software Vulnerable to Hacking
- Idis surveillance management software is vulnerable to a one-click attack that can execute arbitrary code.
- This vulnerability allows hackers to escalate privileges and achieve code execution on the host.
Live Webinar | Shadow AI Explained: How Unsanctioned AI Tools Lead to Data Loss
• Unsanctioned AI tools can lead to significant data loss and compliance risks for credit unions.
• Credit unions are advised to be aware of shadow AI tools that may bypass official security protocols.
Social Engineering Hackers Target Okta Single Sign On
• ShinyHunters are using live voice phishing attacks to bypass multifactor authentication and steal corporate data.
• At least 150 organizations across various sectors are targeted by this active campaign.
Fortinet Locks Down FortiCloud SSO Amid Zero-Day Attacks
Fortinet has restricted SSO access for Fortinet device users until they update their firmware; only fully patched devices can use the service.
CTO Talks: Modern PAM and Audit-Ready Access in 2026
- Modern PAM practices are essential for maintaining audit-ready access in 2026.
- Credit unions must implement robust PAM solutions to comply with upcoming regulatory requirements.
Privacy Is Fueling the CIO's AI Agenda
• AI is transforming data privacy and governance as credit unions must balance efficiency gains with increased data risk.
• Regulatory uncertainty complicates the implementation of AI-driven solutions.
Memcyco Gets $37M to Fight AI-Powered Impersonation Attacks
Memcyco raised $37 million for its AI-based preemptive scam detection platform; plans to expand sales team and develop new features.
Federal IT Buyers Told to Plan for Post-Quantum Cryptography
CISA urges agencies to incorporate post-quantum cryptography into IT procurement; this is seen as a near-term expectation to avoid future rushed retrofits.
Report: Attacks 'Cascade' From IT, OT to Patient Care
• Email phishing and identity failures are among the top vectors for non-clinical IT compromises in healthcare environments.
• These attacks often 'cascade' and disrupt patient care.
Webinar | APIs are the Front Door & AI Agents the Ungovernable Guest
The article discusses the integration of APIs as a primary entry point for digital services and highlights the challenges posed by AI agents in terms of governance and compliance. It emphasizes the need for...
Telnet Flaw: 800,000 Servers at Risk Amid Active Attacks
- A vulnerability in a legacy client-server application protocol allows unauthenticated users to gain root access via telnet.
- Over 800,000 servers are at risk and could be actively targeted by hackers.
France Latest EU Country to Ditch US Tech
• France has replaced U.S.-made videoconferencing services with a homegrown alternative called Visio.
• This move is part of an accelerating push for technological sovereignty across Europe.
Webinar | Seeing the Why: How Agentic AI Brings Context and Confidence to Compliance and Security Decisions
Agentic AI enhances compliance and security decision-making by providing context; it helps in understanding the rationale behind decisions, improving confidence in automated systems.