When Process Breaks Down, Fraud Finds a Way: Through Invoices, Expenses or Both!

Recently, an attacker filed a support ticket on a Supabase-backed application. The ticket contained hidden instructions directing a Cursor IDE agent — connected to the database via MCP and running with the service_role key — to read a private creden…

The capital request that lands on your desk for an enterprise agent control plane needs a different diligence standard than the one that worked for the last decade of SaaS. A category of vendor announcements is converging on the same offer. ServiceN…

Courts are starting to signal what risk officers already suspect: when an AI system causes harm, the bank that deployed it owns the liability, not the vendor that built it. A recent CIO feature on AI accountability lays out a dynamic that should lan…

A new Okta Threat Intelligence study shows AI agents handing over OAuth tokens, leaking credentials over unencrypted channels, and bypassing their own guardrails under entirely plausible enterprise conditions — and most CIOs have no inventory of whe…

Capital requests for AI agent governance are arriving on CFO desks one platform at a time, each defensible in isolation, and the gap between them is where the financial exposure lives. The reason these requests are arriving now is that the market ju…

Treasury's stablecoin rule turns a compliance question into a capital question, and the meter is already running. What CFOs and compliance leaders need to know: The clock is twelve months from rule finalization, with comments closing June 9 — short…

The current generation of enterprise AI pitches is more sophisticated than the skeptics give them credit for. The orchestration vendors have done real work on making agent behavior inspectable. What most of them have not done is push that inspectabi…

Diginomica's write-up of NatWest's Venture Banking launch with AWS is being read as an AI announcement. It is not. It is a story about institutional discipline — about a bank that accepted the boring, expensive, multi-year work had to come before th…

Enterprise AI is crossing from experimentation into operation, and the cost structure of that transition is not what the first wave of business cases assumed. AI Business reported in mid-April that Salesforce, Databricks, and AWS each released agent…

Derek du Preez's coverage of Google Cloud Next '26 cuts to the decision that actually matters for agentic systems: who owns the audit and policy plane when your agents start acting on enterprise data. Not the model. Not the framework. The control la…

The shift this quarter is not what AI can do next, it is what enterprises can actually govern once AI is running across their systems. AI Business reported in mid-April that Salesforce, Databricks, and AWS all rolled out agent governance and registr…

Your next agentic AI deployment is likely to struggle under examination for reasons your model risk framework wasn't built to catch. Industry analysts including Gartner and McKinsey continue to report that the majority of enterprise AI projects fail…