Critical Threat Intelligence & Advisory Summaries
In 2019, criminals cloned a CEO’s voice and exposed a fatal flaw in how organizations verify identity. Six years later, that same flaw is driving billions in AI-powered fraud losses.
January 2026 notable vulnerabilities and related headlines summary
UAE bank manager approved funds be transferred because the voice and tone was OK, emails confirmed the conversation and legal also confirmed authority to release, yet it was not alright at all.
Employees are wiring millions to fraudsters on deepfake video calls, while AI agents are being manipulated to execute breaches from the inside and 8% of organizations don't know they've been compromised. The UK's NCSC confirmed what researchers have been warning about: prompt injection may be fundamentally unfixable, and the breach wave is already here.
Every employee followed protocol. Every control was in place. And yet AI fraud succeeded. Deepfake attacks are accelerating and your organization could be next.