HUMAN Security has launched HUMAN Sightline, a cyberfraud defense solution featuring AgenticTrust. Developed to secure every interaction across the customer journey, HUMAN Sightline preserves legitimate human activity, prevents fraud and scraping, enables trusted automation through intent-based controls and accelerates investigations. With the introduction of AgenticTrust, the solution extends visibility and control to AI agent activity across consumer-facing surfaces, including every action taken before, during and after login. This helps enterprises embrace and adopt agentic commerce, reduce fraud losses and securely scale engagement and revenue in the AI era. HUMAN Sightline, featuring AgenticTrust, secures the customer journey and unlocks safe, scalable growth with actor-level visibility and intent-based control across humans, bots and AI agents – and delivers: Actor-level visibility into humans, bots and AI agents; Adaptive trust decisioning based on behavior, context and intent over time; Governance tools to enforce policies in real time; Investigative intelligence to uncover networks and attack patterns. Key capabilities include: Agentic visibility and control: Identify AI agent activity, prevent spoofing and enable trusted automation; Adaptive trust decisioning: Evaluate behavior and context, not just identity, to determine trust; Layered detection and learning: Detect evolving threats through multi-model signal analysis; Fraud investigation intelligence: Map attacker behavior and fraud networks across the journey; Govern bots, LLMs, and agents: Block, allow, rate-limit, redirect or monetize based on traffic type and intent; Seamless deployment: Integrates into WAF, CDN, CIAM and fraud infrastructure.
Ripple to pay $200 million for stablecoin payment platform Rail, adding virtual accounts and automated back-office infrastructure capability; SEC’s 2020 lawsuit against Ripple Labs is officially over
Ripple announced it has agreed to acquire Rail, a stablecoin-powered platform for global payments, for $200 million. With this deal, Ripple and Rail will deliver the most comprehensive stablecoin payments solution available in the market. This acquisition will boost Ripple’s standing as the leader in digital asset payments infrastructure. Rail adds to Ripple’s capabilities with virtual accounts and automated back-office infrastructure, streamlining operations. Together, they will: Stablecoin On/Off-Ramps and Asset Flexibility: offer comprehensive stablecoin pay-ins and pay-outs across key corridors, including USD payments, without requiring customers to hold crypto on their balance sheets. Third-Party and Treasury Payments: offer flexibility to customers, enabling them to manage multiple payment types including third-party payments (on behalf of their customers) as well as internal treasury flows, seamlessly through a single platform. Premium Digital Asset Liquidity: support payments across a variety of digital assets like RLUSD, XRP and others, and provide competitive pricing on high-value tickets. Virtual Account and Collections: enable customers to transact with digital assets without the need to open dedicated crypto bank accounts or wallets on centralized exchanges, lowering barriers to entry and removing operational hurdles. Simple Integration and Always-On Infrastructure: connect customers to a global payment network that operates 24/7/365 through a single API for streamlined onboarding. Enterprise-Grade Compliance and Licensed: deliver regulated, secure payment flows with 60+ licenses that meet the highest standards for financial institutions. Banking Partner Network: offer a new level of built-in redundancy and reliability through the collective multi-bank partner network, giving clients resilient global coverage.
“Web Indirect Prompt Injection” embeds hidden instructions in web pages that can hijack an AI agent’s behavior; “environmental injection attacks” trick agents into stealing user data or performing unauthorized actions
Researchers have published the most comprehensive survey to date of so-called “OS Agents” — artificial intelligence systems that can autonomously control computers, mobile phones and web browsers by directly interacting with their interfaces. “OS Agents can complete tasks autonomously and have the potential to significantly enhance the lives of billions of users worldwide,” the researchers note. The attack methods they document read like a cybersecurity nightmare. “Web Indirect Prompt Injection” allows malicious actors to embed hidden instructions in web pages that can hijack an AI agent’s behavior. Even more concerning are “environmental injection attacks” where seemingly innocuous web content can trick agents into stealing user data or performing unauthorized actions. Consider the implications: an AI agent with access to your corporate email, financial systems, and customer databases could be manipulated by a carefully crafted web page to exfiltrate sensitive information. Traditional security models, built around human users who can spot obvious phishing attempts, break down when the “user” is an AI system that processes information differently. The survey reveals a concerning gap in preparedness. While general security frameworks exist for AI agents, “studies on defenses specific to OS Agents remain limited.” This isn’t just an academic concern — it’s an immediate challenge for any organization considering deployment of these systems. Some commercial systems achieve success rates above 50% on certain benchmarks — impressive for a nascent technology — but struggle with others. The researchers categorize evaluation tasks into three types: basic “GUI grounding” (understanding interface elements), “information retrieval” (finding and extracting data), and complex “agentic tasks” (multi-step autonomous operations). The pattern is telling: current systems excel at simple, well-defined tasks but falter when faced with the kind of complex, context-dependent workflows that define much of modern knowledge work. They can reliably click a specific button or fill out a standard form, but struggle with tasks that require sustained reasoning or adaptation to unexpected interface changes. This performance gap explains why early deployments focus on narrow, high-volume tasks rather than general-purpose automation.
Quantum-Safe 360 Alliance publishes white paper, guiding enterprises through PQC migration with best practices, crypto-agile strategies, and expertise from Keyfactor, IBM, Thales, and Quantinuum
The Quantum-Safe 360 Alliance, including members Keyfactor, IBM Consulting, Thales, and Quantinuum, unveiled its first comprehensive guide to help organizations navigate the global transition to post-quantum cryptography (PQC). The white paper marks the formal debut of the Quantum-Safe 360 Alliance, an evolving collective of industry leaders with unparalleled expertise spanning cryptographic design and deployment, public key infrastructure (PKI) and certificate lifecycle management, crypto-agile development practices, and quantum-safe cryptography. Collaborating to help enterprises tackle the challenges of PQC transitions, the Alliance’s white paper signals a coordinated, public effort to provide clear guidance and accelerate preparedness for the quantum era. Drawing upon each Alliance member’s deep proficiency and diverse capabilities, the white paper highlights the urgency of quantum-safe preparedness and the risks of inaction and provides actionable guidance on building stronger crypto-agility and starting PQC transitions. Formed to promote a unified, cross-industry approach, the Alliance aims to provide coordinated expertise and interoperable solutions to help enterprises safeguard data in the quantum era. By pooling resources and knowledge, the Alliance aims to help enterprises navigate the quantum era, including supplying organizations with cybersecurity best practices and interoperable solutions designed to work cohesively across platforms and industries. Key topics the white paper addresses include: The necessity of cryptographic agility to adapt to evolving threats; The challenges enterprises face in securing internal buy-in for PQC and strategies to overcome them; Case studies highlighting the value of holistic post-quantum preparation guided by the expertise and skills of Alliance members; A strategic roadmap for enterprises to adopt cryptographic agility; and, Best practices and tools for implementing a quantum-safe infrastructure, including PKI management, key lifecycle strategies, and quantum-generated randomness for enhanced security.
70% of Galaxy S25 owners are using Galaxy AI features and more than half are using Circle to Search; Galaxy AI to expand to 400 million devices by the end of 2025
Samsung is planning a big expansion of AI features on Galaxy phones, and claims that a huge percentage of its users are already leveraging AI features in one way or another. Samsung says that 70% of Galaxy S25 owners are using Galaxy AI features. There’s no specific timeline (as in, how often after the features being used), but it’s still a big number. Samsung further adds that: “More than half” of Galaxy S25 owners use Circle to Search (a Google feature); Photo Assist usage “doubled” compared to Galaxy S24 users; Now Brief is used by “one in three” Galaxy S25 owners; Google Gemini use “tripled” on “the latest Galaxy S series.” With all of this in mind, Samsung says that it will expand Galaxy AI to hundreds of millions of devices over the course of 2025. Specifically, the company wants to double its previous “200+ million” figure to over 400 million. At the center of our innovation is a desire to bring consumers seamless and secure mobile AI experiences that align with their needs. That’s why Samsung Galaxy is committed to expanding Galaxy AI to 400 million devices by the end of this year — democratizing the power and possibilities of mobile AI to even more users. It stands to reason that new device launches and updates to existing devices will play a big role, but it’s still a big promise.
LinePoint Partners platform enables UHNW breakaway financial advisors and single family office (SFO) executives to independently operate and grow their practices without designing from scratch in-house
One new entrant to the family office industry, LinePoint Partners, aims to help advisors leaving wirehouses and private banks build up an array of services needed to work with wealthy clients. Andrew Sternlight, LinePoint’s president and chief investment officer, said what sets family offices apart from other wealth managers is the priority family offices place on preserving wealth for future generations, charitable causes or other recipients. “That’s where we think, by extending that sort of family office infrastructure to advisors or to one or two executives of a family office without building out their teams entirely,” Sternlight said. “That’s where we can provide a bit of a solution that has the benefits with that multigenerational lens, but not the cost of designing from scratch in-house.” Andrew Lom, U.S. head of financial services and global head of private wealth at the law firm Norton Rose Fulbright, agreed that the true differentiator for family offices is the emphasis they place on making sure clients can bequeath their wealth exactly how they want. Ron LaVelle, a principal in the private wealth practice of the accounting and consulting firm Baker Tilly, said clients have the ultimate say on what their family office does. With the list of possible service offerings always growing, and the number of multifamily offices serving several wealthy families also rising, it’s becoming ever more rare for firms to be able to do it all. In fact, LaVelle said, he tends to be wary of firms that claim to be everything for everyone.
Mastercard’s automated solution for virtual cards adds advanced straight-through processing that fully automates virtual card payments and reconciliation through a single connection, multi-language and secure card-on-file support
Mastercard is launching widescale global availability of Mastercard Receivables Manager, its automated solution that makes virtual cards more efficient, secure and cost-effective for businesses to accept. Mastercard Receivables Manager has been levelled up with new capabilities such as multi-language and secure card-on-file to support digital commerce around the world. Now available globally, acquiring partners are embracing the innovation to modernize supplier virtual card acceptance experiences across major card networks and help customers strengthen buyer-supplier relationships. To give payment service providers greater flexibility in how they offer B2B payment innovations, Mastercard is also introducing Commercial Direct Payments, an advanced straight-through processing solution that fully automates virtual card payments and reconciliation. When the buyer initiates a card payment, Commercial Direct Payments enables it to be processed directly with the supplier’s acquirer – eliminating all manual steps for making and receiving payments. The funds are automatically deposited into the supplier’s account and the detailed remittance data can be seamlessly integrated into the AR workflow. Key benefits include: Driving supplier efficiency with automated reconciliation: Suppliers can easily reconcile payments using the rich remittance data that can flow directly into their ERP systems, freeing up resources to focus on more strategic tasks. Unlocking automated B2B payment processing at scale: Issuers and acquirers can quickly unlock the benefits of straight through processing without the need for multiple costly and time-intensive connections with one another. Commercial Direct Payments streamlines this process by providing a single connection to Mastercard and enabling the flow of secure, standardized payment and remittance data between issuers and acquirers. Strengthening buyer-supplier relationships: Buyers have the flexibility to pay with physical or virtual cards to improve cash flow, while suppliers can get paid securely, efficiently, and on time. Elavon and Run Payments are among the many innovative payment providers in the United States offering Mastercard Receivables Manager to address manual processing and reconciliation challenges – which some 42% of suppliers across the nation note as top barriers to acceptance.
When JPMorgan takes over, it will likely drop niche processor CoreCard as the Apple Card’s processor; dropping first-of-the-month billing cycle and “payment wheel” graphic that show cardholders their projected interest costs.
The transition of the Apple Card from being financed by Goldman Sachs to JPMorgan Chase will probably cut out a smaller company, CoreCard, that currently handles the credit card. When JPMorgan takes over, it will likely drop CoreCard as the Apple Card’s processor in favor of its own in-house payment processing. Before it got the Apple account and its estimated 12 million users, CoreCard was considered a niche processor. CoreCard currently manages the day-to-day functioning of the Apple Card, ensuring that transactions are completed and handling the billing of users. It is also CoreCard that has been responsible for developing some of the distinctive features of the card alongside Apple, like its first-of-the-month billing cycle. CoreCard also developed the “payment wheel” graphic on its bills that show cardholders their projected interest costs, widely seen as consumer-friendly and educational. JPMorgan Chase will be responsible for the Apple Card once Goldman Sachs exits the consumer market. Because JPMorgan Chase has its own processing capabilities, CoreCard owner Richard Strange believes it likely that the Apple Card processing job will go in-house, dropping CoreCard. The transition will mean the loss of its biggest client.
Broadridge’s integration of Uptiq’s tech into its wealth management platform provides advisors access to agentic AI apps that surface the most relevant loan options, automating securities-based lending- (SBL) workflows, referral submission and covenant tracking
Broadridge Financial Solutions has announced a strategic partnership and minority investment in Uptiq, an AI platform for financial services. The partnership aims to modernize wealth management by addressing the growing demand for artificial intelligence in financial services and developing a better wealth lending process. Uptiq’s AI-powered tools and Broadridge’s Wealth Lending Network will enable advisors to deliver smarter lending recommendations, save time, and help clients access the liquidity needed to achieve their financial goals. The integration will streamline the process of accessing securities-based lending solutions, particularly for financial advisors and wealth management firms not affiliated with banks. Broadridge’s investment supports Uptiq’s growth and reinforces a shared vision for transforming wealth lending.
Meta’s new Brand Rights Protection features allow brands to report suspected scam ads at scale and even to request action on ads that don’t explicitly use their IP
Meta’s adding some new elements to its Brand Rights Protection system, which will give IP holders more capacity to report violations, as well as related concerns within their niche, helping Meta refine and improve its enforcement measures. First off, after beta testing it for a few months, Meta’s now going live with its expanded reporting functionality, which enables all businesses that are enrolled in Brand Rights Protection to report suspected scam ads at scale. And interestingly, Meta will also now enable brands to request action on ads that don’t explicitly use their IP, via a new “Other” category. As per Meta, brands can also use this to request action on: “Ads that promote products, services, schemes or offers using deceptive or misleading practices, including those suspected to scam people out of money or personal information, and otherwise do not involve a rights holder’s intellectual property.” Meta’s also redesigned its takedown request experience, with fewer steps required to lodge a concern, while it’s also added new search options within the “Reports” tab to make it easier to find info on your reports. The platform also now includes AI image matching, based on reference images of your products, to detect potential concerns across its apps, and as Meta looks to incorporate more shopping-focused elements, this is an important consideration, giving rights holders peace of mind in ensuring that they have some form of recourse to protect themselves.