AI-Powered Cyberattacks Threaten Global Financial Stability

The event involves AI systems (frontier AI models like Claude Mythos) that could be misused by hackers to launch cyberattacks, which could disrupt critical infrastructure and cause harm. However, the article does not report any realized harm or incident caused by AI misuse; it mainly describes the plausible future threat and the government's response to it. Therefore, this qualifies as an AI Hazard, as the AI system's misuse could plausibly lead to an AI Incident, but no incident has yet occurred.

The event involves AI systems explicitly as advanced AI tools driving cyberattacks. The IMF's warning is about the plausible future risk of these AI-driven attacks causing harm to the global financial system, which is critical infrastructure. Since the harm is potential and not yet realized, this fits the definition of an AI Hazard rather than an AI Incident. The report calls for preparedness and resilience to mitigate these risks, indicating the concern is about plausible future harm.

The article discusses the plausible future risks (hazards) that AI could cause in the financial sector by enabling more rapid and systemic cyberattacks that could disrupt critical financial infrastructure and markets. It does not report any realized harm or incident caused by AI but warns about potential systemic financial instability. Therefore, it fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident in the future if these risks materialize. The report and calls for regulatory action are complementary information but the main focus is on the potential threat, making the classification AI Hazard.

The article discusses the potential risks AI poses to financial stability through cybersecurity vulnerabilities, which could plausibly lead to harm in the future. It does not describe any realized harm or incident caused by AI, but rather a credible warning and call for preventive measures. Therefore, this qualifies as an AI Hazard, as the AI system's involvement could plausibly lead to an AI Incident related to financial stability and cybersecurity risks.

The article primarily provides an overview of legal and regulatory developments related to AI and digital governance in China for 2025. It focuses on policy, law enforcement, and judicial system improvements to manage AI risks and protect rights, without reporting any concrete AI incident or harm. The content fits the definition of Complementary Information as it offers updates on societal and governance responses to AI, enhancing understanding of the AI ecosystem and risk management, rather than describing a new AI Incident or AI Hazard.

The article explicitly involves AI systems in the context of cybersecurity risks and defenses within the financial sector. It does not report any realized harm or incident but focuses on the potential for AI to cause systemic disruptions in financial infrastructure, which could lead to harm such as payment interruptions, liquidity crises, and loss of market confidence. Therefore, this constitutes an AI Hazard, as the AI system's development and use could plausibly lead to significant harm in the future, but no direct or indirect harm has yet materialized.

The event involves AI systems explicitly, particularly AI models capable of detecting and exploiting zero-day vulnerabilities for cyberattacks. These AI-driven attacks could directly or indirectly lead to harm by disrupting critical financial infrastructure and causing systemic financial instability, which fits the definition of an AI Incident. Although the article mainly discusses warnings and potential risks, it also references the emergence of AI-powered cyberattacks as an existing and escalating threat, implying realized or ongoing harm to financial stability. Therefore, this qualifies as an AI Incident rather than merely a hazard or complementary information.

The article describes an AI system (Cyble's AI-powered threat intelligence platform) used in cybersecurity to analyze large-scale data and provide actionable insights. However, it does not report any harm or incident caused by the AI system, nor does it describe any plausible future harm or hazard. Instead, it is a recognition and description of the AI system's capabilities and role in cybersecurity. Therefore, it is complementary information about AI developments and their applications, not an AI Incident or AI Hazard.

The article explicitly involves AI systems in the context of cybersecurity risks to the financial sector. The harms described (disruption of payment systems, market confidence, financial stability) are potential and systemic, not yet realized. Therefore, this event fits the definition of an AI Hazard, as it plausibly could lead to an AI Incident involving harm to critical infrastructure and financial stability. The article does not report any actual incident or realized harm, so it is not an AI Incident. It is more than complementary information because it focuses on the potential threat and calls for coordinated action, not just an update or response to a past event.

The article does not report an actual AI-caused incident but rather a risk assessment and warning from the IMF about the plausible future harms that AI-enabled cyberattacks could cause to financial stability. The involvement of AI systems is explicit, focusing on their potential to accelerate cyberattacks and systemic financial disruptions. Since the harm is potential and not yet realized, this fits the definition of an AI Hazard. The article also discusses policy and governance responses, but the main focus is on the plausible risk rather than on responses or updates to past incidents, so it is not Complementary Information.

The event involves AI systems in the context of cybersecurity and critical infrastructure protection, indicating a recognition of potential AI-driven threats. However, no actual harm or incident has occurred yet; the focus is on future risk mitigation and cooperation. Therefore, this constitutes a plausible future risk scenario (AI Hazard) rather than an incident or complementary information about a past event.

The report explicitly discusses AI's role in identifying and exploiting vulnerabilities in financial and other critical infrastructures, which could plausibly lead to significant harm such as disruption of critical infrastructure and harm to communities. However, the report describes potential future risks rather than an actual realized harm or incident. Therefore, this qualifies as an AI Hazard, as the AI system's involvement could plausibly lead to an AI Incident but no direct harm has yet occurred according to the description.

The article involves AI systems in the context of cybersecurity and governance but does not report any actual harm or incident caused by AI systems. Nor does it describe a credible, imminent risk of harm resulting from AI use or malfunction. Instead, it discusses a policy proposal that could influence future AI risk management. Therefore, it fits the category of Complementary Information, as it provides context on governance responses to AI-related risks without describing a specific AI Incident or AI Hazard.

The event is a conference or forum discussing AI-related cybersecurity challenges and responses, without reporting any actual or potential harm caused by AI systems. It focuses on sharing expertise, trends, and policy support rather than describing an AI Incident or AI Hazard. Therefore, it fits the definition of Complementary Information, as it provides context and updates on societal and governance responses to AI-related cybersecurity issues.

The article explicitly discusses how AI's development and use could plausibly lead to systemic financial harm by increasing the speed and scale of cyberattacks on critical financial infrastructure, which could cascade into broader economic disruptions. Although no specific harm has yet occurred, the credible risk of AI-driven cyberattacks causing financial instability qualifies this as an AI Hazard. The report's focus is on potential future harm rather than describing an incident where harm has already materialized, so it does not meet the criteria for an AI Incident. It is more than general AI news or policy commentary, so it is not Complementary Information or Unrelated.

The event involves an AI system (Mythos) explicitly described as autonomously finding software vulnerabilities and generating exploit code, which is a direct AI system involvement. The use of this AI system has already led to increased cybersecurity risks and industry-wide concern about imminent cyberattacks, indicating realized harm or harm that is actively occurring. The harms include threats to critical infrastructure, economic losses, and potential violations of rights through cybercrime. The article also notes that similar capabilities existed before but Mythos significantly scales and automates these functions, intensifying the risk. The controlled release and regulatory responses further confirm the seriousness of the harm. Hence, this is an AI Incident rather than a mere hazard or complementary information.

The article does not describe any realized harm or incident caused by AI systems. Instead, it reports on the cybersecurity landscape, the prevalence of credential theft, and the strategic shift of Italian companies towards AI-based defenses. The mention of AI is about its planned or ongoing use to prevent cyberattacks, not about AI causing harm or malfunctioning. The discussion of quantum computing is about potential future risks unrelated directly to AI system malfunction or misuse. Therefore, this article is best classified as Complementary Information, providing context and updates on AI's role in cybersecurity without describing an AI Incident or AI Hazard.

The event involves AI systems explicitly and discusses their use in cyberattacks that could destabilize financial systems and critical infrastructure. Although no actual harm or incident has occurred yet, the credible risk of systemic financial disruption due to AI-driven cyberattacks is clearly articulated. Therefore, this qualifies as an AI Hazard because it plausibly could lead to significant harm (financial instability, disruption of critical infrastructure) if not properly managed. The article also emphasizes policy responses and governance, reinforcing that the main focus is on potential risks rather than realized incidents.

The event involves AI systems (advanced AI models like Mythos) used to find vulnerabilities that could be exploited in cyberattacks. While no specific harm has yet occurred, the article clearly states that such AI-enabled cyberattacks could plausibly lead to significant harm including disruption of critical infrastructure (financial systems, energy, telecoms) and systemic risks. Therefore, this is an AI Hazard, as the AI system's development and use could plausibly lead to an AI Incident involving harm to critical infrastructure and communities. There is no indication that an actual incident has occurred yet, so it is not an AI Incident. The article is not merely complementary information since it focuses on the risk and potential harm from AI-enabled cyberattacks rather than updates or responses to past incidents.

The event involves AI systems (advanced AI models) and their potential misuse in cyberattacks against the financial sector, which could plausibly lead to significant harm to critical infrastructure and financial stability. Since the article does not report any realized harm but warns about credible risks and recommends preventive measures, it fits the definition of an AI Hazard rather than an AI Incident. The focus is on potential future harm rather than an ongoing or past incident.

The article explicitly involves AI systems (advanced AI models such as Mythos) and their use in identifying cybersecurity vulnerabilities that could be exploited to cause systemic financial disruption. No actual harm or incident has yet occurred, but the IMF warns of a credible risk of systemic failure due to correlated cyberattacks facilitated by AI. This fits the definition of an AI Hazard, as the event plausibly could lead to an AI Incident involving harm to critical infrastructure and financial stability. The article does not describe a realized harm or incident, nor is it merely complementary information or unrelated news. Hence, AI Hazard is the appropriate classification.

The event involves AI systems in the form of advanced AI tools used to identify and exploit software vulnerabilities, which could lead to cyberattacks affecting critical infrastructure like the financial system. Since no actual harm or incident has occurred yet, but the article clearly states that such AI-enabled cyberattacks could plausibly lead to significant harm, this qualifies as an AI Hazard. The article is a warning and call for action rather than a report of a realized AI Incident or a complementary information update about a past event.