Security researchers discovered a vulnerability in banking AI agents where minimal transactions could be exploited to compromise financial systems. The flaw was identified in bunq's AI assistant and has since been secured.
A €0.01 bank transfer was found to be sufficient to exploit vulnerabilities in AI-powered banking agents, potentially allowing attackers to manipulate financial transactions or extract sensitive data.
The security issue highlights risks in deploying autonomous AI systems in high-stakes financial environments. AI agents processing banking operations can be susceptible to prompt injection attacks and transaction manipulation through seemingly insignificant inputs.
Researchers worked with bunq, the Dutch mobile-first bank, to identify and patch the vulnerability before public disclosure. The discovery emphasizes the need for robust security testing of AI systems handling financial operations.
The incident underscores broader concerns about AI security in fintech. As banks increasingly integrate AI agents for customer service and transaction processing, thorough adversarial testing becomes critical to prevent exploitation through unconventional attack vectors.
Bunq has implemented fixes to secure their financial AI assistant. Security teams in the banking sector are urged to conduct similar audits of their AI systems.
Security researchers discovered 21 previously unknown vulnerabilities in FFmpeg, the widely-used multimedia framework. The findings raise concerns about the security posture of a project relied upon by millions of applications.
An unnamed British police officer faces criminal investigation for allegedly using artificial intelligence to create evidence in multiple cases. The officer has been removed from frontline duties in what authorities describe as the first known case of its kind in the UK.
A growing market of DIY gadgets in China allows drivers to circumvent Tesla's distracted-driving safeguards. Tiny plastic heads, blinking screens, and celebrity figurines trick the vehicle's camera into thinking the driver is paying attention.
Section 702 of the Foreign Intelligence Surveillance Act expires tonight, but surveillance operations will proceed under a certification that remains valid until March 2027.