The CyberWire Daily Podcast 4.10.26
Ep 2528 | 4.10.26

The AI arms race hits finance.

Transcript

The Treasury Secretary and Fed Chair summon bankers over AI concerns. A hacker claims more than 10 petabytes stolen from China’s National Supercomputing Center. Recalibrating the quantum timeline. Researchers demo prompt injection against Apple Intelligence. Payroll Pirates target Canadians. Gmail gets end-to-end encryption on mobile devices. A Chrome update fixes critical vulnerabilities. A Pennsylvania cop admits creating more than 3,000 AI-generated pornographic deepfakes. Our guest is Henry Comfort, Co-Founder and CEO of Geordie AI, winner of this year’s RSAC Innovation Sandbox. FCC floats firmer filters for fraudulent phone calls. 

Today is Friday, April 10th, 2026. I’m Dave Bittner. And this is your CyberWire Intel Briefing.

The Treasury Secretary and Fed Chair summon bankers over AI concerns. 

U.S. financial regulators are increasingly concerned that advanced artificial intelligence could introduce new systemic cybersecurity risks to the banking sector. Treasury Secretary Scott Bessent and Federal Reserve Chair Jay Powell recently convened top Wall Street CEOs to discuss Anthropic’s latest model, Claude Mythos Preview, and the potential threats similar tools may pose if misused. While Anthropic says the model is intended to help identify and fix critical vulnerabilities, policymakers worry that increasingly capable AI could also enable more sophisticated cyberattacks. Industry leaders have echoed those concerns. JPMorgan Chase CEO Jamie Dimon warned that AI may create new security weaknesses, and former Microsoft executive Craig Mundie suggested powerful models could broaden access to advanced hacking capabilities. The meeting reflects growing government attention to AI’s dual-use nature, as officials weigh both its defensive benefits and its potential to amplify cyber risk across critical financial infrastructure. 

Meanwhile, a federal appeals court in Washington allowed the Pentagon to keep blacklisting Anthropic from defense contracts while legal challenges continue in other courts. The ruling lets the military remove Claude models from defense systems and restrict contractor use, though a California court has limited parts of the policy. Judges emphasized national security concerns over financial harm to Anthropic. The decision does not resolve whether the designation is lawful, leaving broader constitutional and procurement disputes ongoing as parallel cases proceed.

A hacker claims more than 10 petabytes stolen from China’s National Supercomputing Center. 

A hacker using the alias “FlamingChina” claims to have stolen more than 10 petabytes of sensitive data from China’s National Supercomputing Center in Tianjin, potentially one of the largest alleged data exfiltrations from the country. Samples reviewed by cybersecurity researchers appear to include documents marked “secret,” along with missile schematics, aerospace research, and other defense-related materials tied to major Chinese institutions. Experts say the attacker may have accessed the system through a compromised VPN and quietly extracted data over several months using distributed automated tools. However, the dataset’s origin remains unverified by independent authorities. If confirmed, analysts say the volume and sensitivity of the material could make it highly valuable to foreign intelligence services and highlight ongoing cybersecurity weaknesses in parts of China’s critical infrastructure.

Recalibrating the quantum timeline. 

Google’s decision to accelerate its shift to quantum-resistant encryption reflects growing concern that quantum computers capable of breaking today’s cryptography may arrive sooner than expected. New research from the California Institute of Technology, Oratomic, and the University of California suggests such systems could require as few as 10,000 qubits, far fewer than earlier estimates of millions. Google researchers also reported reduced hardware requirements for breaking widely used encryption. Officials and experts warn this raises the risk of “harvest now, decrypt later” campaigns and highlights rapid advances, including Chinese investment in quantum technology. Some analysts say the timeline for quantum threats now overlaps with currently deployed systems, especially blockchain infrastructure. However, other cryptography experts remain skeptical that practical quantum attacks are imminent, arguing large-scale, fault-tolerant quantum computers may still be decades away.

Researchers demo prompt injection against Apple Intelligence. 

Researchers at the RSAC Research Lab demonstrated a prompt-injection attack that could hijack Apple Intelligence’s on-device large language model by combining a “Neural Exec” adversarial input with a Unicode right-to-left override technique to bypass Apple’s input and output filters. The method allowed attackers to force the model to execute arbitrary tasks, with a reported 76 percent success rate across test prompts. Before Apple patched the issue in iOS 26.4 and macOS 26.4, attackers could potentially access sensitive data available to apps using the local model, including health or personal media content. Researchers estimated between 100,000 and 1 million users may have been exposed through affected apps. Apple has since deployed mitigations, and researchers report no evidence of exploitation in the wild. Users running earlier operating system versions are advised to update to the latest releases.

Payroll Pirates target Canadians. 

A financially motivated threat actor tracked as Storm-2755 is conducting “payroll pirate” attacks that redirect Canadian employees’ salary payments after hijacking their accounts. The group uses adversary-in-the-middle phishing pages disguised as Microsoft 365 sign-in portals to capture authentication tokens and session cookies, allowing them to bypass multifactor authentication without needing passwords or codes. After gaining access, attackers hide HR-related emails using inbox rules and contact payroll staff to request changes to direct-deposit details. When social engineering fails, they log directly into HR platforms such as Workday to alter payment information. Microsoft advises organizations to deploy phishing-resistant MFA, block legacy authentication, revoke compromised sessions, and remove malicious inbox rules. Payroll diversion schemes are a form of business email compromise, which the FBI says caused more than $3 billion in losses last year.

Gmail gets end-to-end encryption on mobile devices. 

Google has expanded Gmail end-to-end encryption (E2EE) to Android and iOS, allowing enterprise users to send and read encrypted emails directly within the mobile app without extra tools. Messages can be delivered to Gmail recipients normally, while others can access them through a browser. The feature relies on client-side encryption, meaning organizations control encryption keys stored outside Google’s servers. Available to Enterprise Plus users with Assured Controls add-ons, the update supports regulatory compliance and extends encrypted messaging across platforms and email providers.

A Chrome update fixes critical vulnerabilities. 

Google has released Chrome 147 with fixes for 60 vulnerabilities, including two critical flaws in the WebML component used to run machine learning models in the browser. The issues, a heap buffer overflow and an integer overflow, could enable sandbox escape or remote code execution. Fourteen additional high-severity bugs affect components such as WebRTC, V8, Blink, and Skia. Google says none are known to be exploited in the wild. The update also introduces stronger session cookie protections to reduce account compromise risks.

A Pennsylvania cop admits creating more than 3,000 AI-generated pornographic deepfakes. 

A Pennsylvania State Police corporal has pleaded guilty to multiple crimes, including creating more than 3,000 AI-generated pornographic deepfakes using images taken from state databases such as driver’s license records. Authorities say Stephen Kamnik misused Commonwealth systems for years, generating explicit material involving numerous women, including a district court judge, sometimes on state-owned devices at police barracks. Investigators discovered the activity in 2024 after unusual internet usage triggered a review of his workstation, leading to the seizure of devices containing illicit content, including child sexual abuse material. Kamnik also secretly filmed individuals, accessed restricted databases in violation of policy, possessed a stolen firearm, and broke into a women’s locker room at the barracks. The case reflects broader concerns about the growing accessibility of AI deepfake tools, which have also been used in recent incidents involving students in eastern Pennsylvania high schools. Kamnik is scheduled for sentencing in July.

FCC floats firmer filters for fraudulent phone calls. 

The Federal Communications Commission is once again sharpening its tools against robocalls, this time by proposing stricter “know your customer” rules for phone service providers who appear, in the agency’s view, to have been asking far too few questions of suspicious callers. Under the proposal, originating carriers would need to collect more identifying details, verify them more carefully, and face penalties calculated per illegal call rather than per violation, which could make nuisance dialing a more expensive hobby.

High-volume callers would also have to explain why they are calling so many people in the first place, a question consumers have been quietly asking for years. Providers might even be required to keep identity records for four years after customers depart, presumably just in case the calls keep coming anyway.

The FCC argues stronger rules would help law enforcement trace crimes tied to illegal calling. Meanwhile, robocalls, stubborn as ever, continue ringing through.

And that’s the CyberWire.

For links to all of today’s stories, check out our Daily Briefing at the cyberwire dot com.

We’d love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com.

We’re proud that N2K CyberWire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world’s preeminent intelligence and law enforcement agencies.

N2K helps cybersecurity professionals and organizations grow, learn, and stay ahead. We’re the nexus for discovering the people, tech, and ideas shaping the industry. Learn how at n2k.com.

N2K’s lead producer is Liz Stokes. We’re mixed by Tré Hester, with original music and sound design by Elliott Peltzman. Ethan Cook is our lead analyst. Our contributing host is Maria Varmazis. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher. And I’m Dave Bittner. Thanks for listening.