Aleo’s non-profit Foundation announced that it had joined the Paxos-backed Global Dollar Network (GDN), an ecosystem built around USDG, a fully regulated U.S. dollar stablecoin issued by Paxos and backed by major partners including Anchorage Digital, Kraken, Mastercard, Paxos, Robinhood, Worldpay, and others. The Aleo Foundation plans on using USDG for on-chain treasury management and vendor payments, all while leveraging its native blockchain’s privacy-preservation setup (enabling the processing of stablecoin transactions in a fully encrypted manner). Not only that, as the first L1 to join the GDN, Aleo will incorporate its zero-knowledge (ZK) and private smart contract capabilities into the latter’s ecosystem, which already spans established networks like Solana, Ethereum, and even newcomers like Ink. Hailed as a privacy-first blockchain for programmable payments, Aleo ensures that transaction details (such as who paid whom and how much) stay confidential at all times. Zero-knowledge proofs (ZKP) on Aleo allow transactions to be validated by smart contracts without ever exposing sensitive details. In practice, Aleo’s confidential payment apps can verify things like KYC/AML without publishing payer identities or amounts, meaning that businesses can run payrolls or vendor payments on-chain privately, keeping exact salaries or supplier deals hidden from rivals and public view.
Salt Edge’s API solution to leverage IBM Z platform to enable banks to meet evolving global open banking regulations and simplify compliance with built-in consent management without overhauling their core systems
Salt Edge, a global provider of API technology for financial services, has confirmed its Open Banking API suite is compatible with IBM LinuxONE and IBM Z platforms, allowing global banks to implement a fully managed API access layer that meets evolving open banking compliance requirements. The solution leverages IBM Z’s performance, security, and scalability to help financial institutions modernize customer-facing services without overhauling their core systems. Salt Edge’s platform supports a broad range of open banking regulatory frameworks, simplifying compliance by exposing consent-based APIs that align with local laws and market needs. When deployed on IBM LinuxONE or IBM Z, Salt Edge’s platform enables banks to: Meet global open banking regulations without incremental development; Offer API-based services to fintechs and third parties with reduced operational burden; Accelerate time-to-market with built-in consent management, developer tools, and third-party onboarding; Leverage the reliability and performance of enterprise-class infrastructure to support critical workloads.
Microsoft’s AI agent can analyze and classify malware in the wild at scale without human intervention by reverse engineering suspect software files using forensic tools such as decompilers and binary analysis to deconstruct the code with a precision of 0.98
Microsoft Corp. introduced a new AI agent that can analyze and classify malware in the wild at scale, without human intervention. The newly minted AI model, named Project Ire, can reverse engineer suspect software files and use forensic tools such as decompilers and binary analysis to deconstruct the code in order to determine whether the file is hostile or safe. “It was the first reverse engineer at Microsoft, human or machine, to author a conviction case — a detection strong enough to justify automatic blocking — for a specific advanced persistent threat malware sample, which has since been identified and blocked by Microsoft Defender,” the Ire research team said. According to the company, when tested against a public dataset of Windows drivers, Project Ire achieved a precision of 0.98 and a recall of 0.83. In terms of pattern recognition and detection, this is very good. A precision of 0.98 means that about 98% of the files it flagged as malicious really were malicious, so false positives were rare. A recall of 0.83 means it found about 83% of the malicious files in the dataset. So, it catches most threats, but it might miss a few. Project Ire uses advanced reasoning models to address problems by stripping away these defenses using specialized tools like an engineer and autonomously evaluates their outputs as it iteratively attempts to classify the behavior of the software. In a real-world scenario involving 4,000 “hard target” files that had not been classified by automated systems and were pending expert review, the AI agent achieved a precision of 0.89, meaning nine out of 10 files it flagged as malicious were flagged correctly. Its recall was 0.26, meaning that the system detected around a quarter of all actual malware that passed through its dragnet. It also had only a 4% false positive rate, which is when the software claims a safe file is malware.
Microsoft fortifies Teams security with automated blocking of dangerous executables and real-time malicious URL detection, integrating Defender Allow/Block controls to combat social engineering attacks.
Microsoft has announced significant security enhancements for Teams, introducing robust protections against malicious file types and dangerous URLs. In a dual-pronged update, Microsoft will automatically block potentially dangerous executables and warn users about malicious URLs in chats and channels. The security update marks a shift in how Microsoft Teams handles potential threats, implementing automated detection and blocking mechanisms at the platform level. Microsoft’s roadmap entries 499892 and 499893 detail that Teams will now scan both file attachments and embedded URLs for malicious content before they reach users. Files containing executables can, once clicked, instruct a computer or platform to run a certain program, potentially downloading malware or Trojans. URLs can lead users to sites that deliver malware to their computers. This proactive approach minimizes the human factor that has made Teams users vulnerable to social engineering attacks, where legitimate-looking attachments or URLs contain malicious payloads designed to compromise corporate networks. Additionally, Microsoft announced in the Microsoft 365 Message Center that Teams now integrates with the Microsoft Defender for Office 365 Tenant Allow/Block List. This enables security administrators to block incoming communications (chats, channels, meetings, and calls) from blocked domains, automatically delete existing communications from users in blocked domains, and manage blocked external domains in Microsoft Teams via the Microsoft Defender portal. Such control eliminates the ability for malicious files or URLs to remain within a system long after they are identified.
DocuSign‑branded Apple Pay emails use urgent refunds, Cyrillic sender tricks, and security‑code links to lure victims into calls that cause credential theft
Phishing scams are becoming more sophisticated, with a new tactic involving fake DocuSign emails that appear to confirm Apple Pay purchases. These emails often include realistic details like order IDs, charge amounts, and even a support number. However, the number connects victims to scammers, not Apple or any legitimate company. Some emails also contain a DocuSign link and a security code to make the message seem more authentic. The scam works by alarming recipients with a fake charge and urging them to call if they don’t recognize it. Once on the call, scammers pose as support agents and claim the user’s account is compromised. They may request sensitive information like Apple ID credentials, banking details, or ask the user to install remote access software. In some cases, they demand payment for fake reversal or protection fees. Red flags include unexpected DocuSign receipts, strange characters in the sender’s email address (like Cyrillic letters), and urgent language. It’s important to remember that companies like Apple do not send billing receipts via DocuSign. These scams aim to create panic and trick users into giving up personal data or access to their devices.
DebitMyData’s platform combines reinforcement learning with blockchain-verified digital identity to offer real-time detection and mitigation of unauthorized AI-generated content, impersonation, and biometric spoofing at scale
DebitMyData, founded by digital sovereignty pioneer Preska Thomas, has launched its LLM Security API Suite, a next-generation platform that combines reinforcement learning with blockchain-verified digital identity. The suite offers the first plug-and-play APIs for Agentic Logos and Agentic Avatars, designed to secure AI at scale across commercial and regulatory settings. The interoperable identity infrastructure enables verification of authenticity and trust in AI outputs. The platform’s reinforcement learning core dynamically adapts to evolving AI manipulation techniques, delivering: Real-time detection and mitigation of unauthorized AI-generated content, impersonation, and biometric spoofing; Built-in global compliance with GDPR, HIPAA, AI Act, and digital sovereignty protocols, ensuring enterprise-ready, auditable privacy. Plug-and-Play Enterprise Security: Agentic Logos™: Secure your brand’s logos with a blockchain-verified fingerprint, enabling instant scanning and flagging of unauthorized usage across AI platforms—with zero technical barriers and GDPR-first privacy controls. Agentic Avatars™: Convert faces and voices into secure, self-authenticating digital signatures, verified via NFT credentials for safe identity gating in synthetic communications.
CrowdStrike releases AI-powered detection to catch subtle cyber threats: continuously models behavior for each user, host, and process, adapting over time to surface meaningful deviations
Black Hat USA 2025 announced the general availability of CrowdStrike Signal, a new class of AI-powered detection engines that surface the undetectable threats others miss – before they escalate. Signal uses self-learning models for every host to understand what’s normal in that environment across time, systems, and users. It pinpoints subtle, early-stage threat activity and connects related behaviors – before traditional tools act. This correlation builds high-confidence patterns that reveal stealthy attacker behavior before others can, giving defenders a clear starting point to act. Self-learning AI to Understand the Customer Environment: Signal continuously models behavior for each user, host, and process, adapting over time to surface meaningful deviations. Unlike static rules or pre-trained models, it delivers early-stage detection without manual configuration or constant adjustment. Real-time Detection of Stealthy Tradecraft Others Miss: Signal links subtle behaviors often used by attackers – but also commonly seen on benign hosts – such as the use of living-off-the-land tools for reconnaissance or applications running from temporary directories. This low-signal activity may appear benign in isolation, but analyzed earlier, over time and context, it reveals attacker activity that would otherwise go unnoticed. High-confidence Leads Reduce Alert Volume, Accelerate Response: Signal condenses a vast number of behaviors and detections into a small set of high-fidelity leads. It surfaces early indicators of compromise, reduces false positives, and groups related activity into a single starting point to eliminate manual triage and speed investigation, hunting, and response.
Mastercard-Alloy onboarding platform combines 200+ risk tools with digital identity verification and open finance to reduce fraud, accelerate onboarding, and enhance funding security across channels.
Alloy, an identity and fraud prevention platform provider, has announced a new global partnership with Mastercard to launch an enhanced customer onboarding solution for financial institutions and fintechs. The new Mastercard Alloy joint onboarding solution will leverage identity verification and open finance to streamline the end-to-end onboarding process while combating fraud. The Mastercard Alloy joint onboarding solution provides a consistent identity risk strategy and onboarding experience across channels. Alloy intends to leverage Mastercard’s best-in-class global digital identity verification capabilities and suite of open finance-powered account opening solutions to help financial institutions and fintechs manage fraud and identity risk and secure account funding throughout the customer lifecycle. Mastercard products will be integrated and pre-configured in Alloy for seamless deployment. In addition to pre-built integrations to Mastercard products, customers will receive access to over 200 risk and identity solutions available through Alloy, helping to improve customer conversion rates, reducing manual reviews, and ensuring comprehensive end-to-end coverage. Dennis Gamiello, EVP, Global Head of Identity at Mastercard said, “This joint onboarding solution will be a game-changer in the fight to reduce fraud and deliver a seamless and secure customer experience.”
Banks and credit unions prioritize AI for fraud detection but pace deployments cautiously as leadership cites data handling accuracy gaps and legacy compatibility alongside privacy and security hurdles
Banks and credit unions are universally worried about fraud, but are also concerned that security tools don’t adequately protect underlying data. For Flushing Financial’s John Buran, the benefits of bank automation are clear, but so are the fears. The CEO of the $8.8 billion-asset Flushing Financial told American Banker that automation systems are poised to oversee “vast amounts of personal and financial data,” but create questions surrounding “consent, data handling and storage.” “Although automation brings efficiency and innovation benefits, the concerns about data security and privacy risks in banking automation are in my opinion well founded and should remain a critical area for continuous focus and improvement,” Buran said. Buran is not alone. Worries about data security and privacy are holding many back from using advanced automation such as artificial intelligence, according to new research from American Banker. “Fraud teams are already overwhelmed by the number of alerts they are investigating, so many have to focus on the high-dollar losses and manage lower-dollar losses through their dispute processes,” said John Meyer, managing director in Cornerstone Advisors’ Business Intelligence and Data Analytics practice.
Darktrace acquires Mira Security to boost encrypted traffic visibility, with policy control and compliance capabilities that allow administrators to decrypt traffic based on predefined rules
Machine learning cybersecurity firm Darktrace PLC has acquired network traffic visibility solutions company Mira Security Inc. for an undisclosed price. Mira Security specializes in encrypted traffic orchestration with solutions that allow organizations to detect, decrypt and analyze encrypted network traffic at scale. The company’s offerings are purpose-built to provide full traffic visibility without compromising privacy, performance, or compliance mandates. Mira Security’s main offering, its Encrypted Traffic Orchestration platform, includes support for both physical appliances and virtual deployments. ETO can intercept SSL/TLS and SSH traffic across any port, decrypting it for analysis and re-encrypting it before forwarding, without the need for complex re-architecting or performance degradation. Mira also offers granular policy control and compliance capabilities that allow administrators to decrypt traffic based on predefined rules while enforcing blocking of outdated or insecure encryption protocols and managing what data is visible to different tools to ensure sensitive information remains protected. The platform additionally supports full visibility into TLS 1.3 traffic, a major challenge for many existing cybersecurity tools due to the protocol’s stricter encryption practices. The combination of Darktrace and Mira Security is said by Darktrace to close the encrypted data blind spot without impacting network performance or requiring complex re-architecting. The closer integration of Mira Security’s in-line decryption capabilities with Darktrace’s existing analysis and understanding of encrypted traffic will also provide organizations with more in-depth visibility across on-premises, cloud and hybrid environments.