PayPal has agreed to pay $2 million to settle charges by the New York State Department of Financial Services (NYDFS) over cybersecurity lapses that exposed customers’ Social Security numbers.

A joint report by Nasdaq and Boston Consulting Group (BCG) reveals that financial institutions could achieve between $25 billion and $50 billion in annual savings by streamlining their Risk and Compliance functions.

A massive botnet comprising approximately 13,000 hijacked MikroTik routers has been deployed to distribute malware through spam campaigns, highlighting the persistent security risks tied to misconfigured networking devices.

Source: Mastercard

Mastercard is partnering with Northeastern University in Vancouver to accelerate cybersecurity innovation and expand Canada’s technology workforce.

Today marks the official enforcement of the Digital Operational Resilience Act (DORA), introducing a standardized framework to strengthen Information and Communication Technology (ICT) risk management across financial services.

In a major enforcement action, 48 state financial regulators have fined Block $80 million for violations of the Bank Secrecy Act (BSA) and anti-money laundering (AML) regulations. Block, the parent company of Cash App, agreed to pay the penalty, hire an independent consultant to evaluate its BSA/AML program, and address any deficiencies identified within 12 months. The investigation revealed compliance lapses that could enable illegal activities, including money laundering and terrorism financing.

Robinhood has agreed to pay $45 million to resolve multiple charges brought by the U.S. Securities and Exchange Commission (SEC) involving its brokerage operations.