European Banking Authority Warns of AI-Driven Cybersecurity Risks to Banks

The article explicitly mentions an AI system (Mythos by Anthropic) that could launch complex cyberattacks against the banking sector, which is a credible potential threat. However, no actual AI-driven cyberattack or harm has occurred yet. The focus is on regulatory awareness, risk assessment, and preparedness, which fits the definition of an AI Hazard rather than an AI Incident. It is not merely general AI news or product announcement, as it concerns cybersecurity risks from AI with potential significant impact on critical infrastructure (banks). It is not Complementary Information because it does not update or respond to a past AI Incident but rather highlights a new potential risk. Hence, the classification is AI Hazard.

The article centers on the potential cybersecurity risks posed by AI systems and the regulatory attention these risks are receiving. Since no actual harm or incident involving AI has occurred or is described, and the focus is on future risk preparedness and assessment, this qualifies as an AI Hazard. It is not an AI Incident because no harm has materialized, nor is it Complementary Information since it does not update or respond to a past incident. It is not unrelated because AI and its risks are explicitly discussed in the context of banking sector resilience.

The article explicitly mentions an AI system (Mythos by Anthropic) as a potential source of cyber threats to banks, which are critical infrastructure. However, it does not describe any actual AI-driven attack or harm occurring. Instead, it highlights regulatory and supervisory concerns and preparations for these risks. Therefore, this qualifies as an AI Hazard, since the AI system's use or malfunction could plausibly lead to an AI Incident (cyberattack causing disruption), but no incident has yet occurred.