Indian digital security experts say there should be a coordinated action to keep our banks safe. Image: TheDigitalArtist/Pixabay
By Editorial Desk, on April 21, 2026
By Editorial Desk, on April 21, 2026
When people start talking about banks facing trouble, ears in Kerala prick up. This is not surprising as the state remains one of India’s biggest recipients of overseas remittances, and non-resident deposits have crossed the 3 trillion-rupee mark in 2025.
For many Kerala families, fixed deposits are still the backbone of savings and almost everyone is connected to the banking system in some way. Given this backdrop, what’s now unfolding in global financial centres isn’t some distant story – it matters directly to Kerala.
The chatter started in the usual AI hype cycle, especially as Silicon Valley continues to churn out new claims with monotonous regularity. But this time feels different.
When the US Treasury Secretary and the Federal Reserve Chair call in Wall Street’s biggest banks for urgent discussions, and regulators from the UK to Singapore start issuing cybersecurity warnings, it’s worth paying attention.
Their concern: Claude Mythos, released by Anthropic on April 7 in a limited preview, saying it is discovering thousands of vulnerabilities in different operating systems used widely across the world and in the wrong hands it could be a dangerous weapon. It created a platform, Project Glasswing, and invited major tech players like Google, Apple, Microsoft, IBM and Cisco to shore up their defence using Mythos.
Within days, it had governments, central banks, and cybersecurity agencies scrambling. A week later, OpenAI followed up with its own model, GPT-5.4-Cyber, designed to find software vulnerabilities, again not released publicly over fears it could be misused by cyber criminals.
Doubts Raised: Some of the biggest names in AI are pushing back on the hype. Yann LeCun, one of the pioneers of modern deep learning, dismissed the Mythos episode as “BS from self-delusion.” Former White House AI czar David Sacks, while acknowledging risks, suggested Anthropic has a tendency toward scare tactics.
But cybersecurity firms like Cisco, CrowdStrike and Palo Alto Networks – which have had hands-on access to Mythos – are treating it as a genuine inflection point. And these are companies whose credibility depends on getting threat assessments right.
Against this backdrop, waiting it out may not be the most appropriate course of action. Indian authorities are yet to issue an official response. But cybersecurity experts in Kerala say this is the moment for coordinated, quick action.
Bigger Risk: Anthropic claims Mythos can identify and exploit previously unknown weaknesses across major operating systems and web browsers. In simple terms: it can find cracks in the digital systems that governments and banks rely on – cracks that no one noticed before. If such models become accessible, it makes the job easier for criminal minds to take control of protected data, like your bank password.
“AI isn’t creating new cyber threats – it’s making existing ones faster and harder to stop,” says Deepa Sarath, Chief Operations Officer at Ciber Digita Consultants in Trivandrum. “And in a country like India with huge digital payments and many still-maturing banking systems, that makes the risk much bigger.”
Finding holes in complex software isn’t new. But earlier, it was slow and manual. If you want to breach the protective walls of a program, it meant scanning thousands of lines of code – a needle-in-a-haystack exercise. Once identified, companies would patch it – often within weeks, sometimes longer in countries like India. The window would usually close before malicious actors could take advantage.
That model is now outdated. AI has dramatically shrunk the timeline. What used to take months can now happen in hours. As Singapore’s Cyber Security Agency warned, the gap between discovering a vulnerability and exploiting it is collapsing.
Wider Target: That’s what’s setting off alarm bells globally.This isn’t just a problem for financial hubs. Over the past few years – especially after Covid – financial systems everywhere have gone fully digital.
India is right at the front of this shift. Aadhaar, UPI, NPCI, government service platforms – the country has built one of the most advanced digital public infrastructures in the world.
But here’s the catch: much of this sits on top of older, legacy systems. Especially in public sector banking. Banks like SBI have modernised on the surface, but their core architecture is still decades old. And in cybersecurity terms, “old” often means “vulnerable”.
“UPI’s massive scale does raise fraud risks, but its design is strong,” says Jancy Jose, founder of Strava Cyber Labs and Strava Technologies. “The real issue is how fast banks modernise and plug gaps in older systems.”
Strong Defence: Kochi-based Lt Gen MU Nair (Retd.), former National Cyber Security Coordinator, believes India has the talent to handle this.“There could be incidents,” he says, “but we have strong cybersecurity professionals who can protect our infrastructure.”
The bigger challenge, according to him, isn’t capability – it’s awareness and speed. Keeping users informed, adapting quickly to new risks, and continuously upgrading systems.
He also points out that regulation needs to catch up. Technology is moving faster than policy, and frameworks need to become more nimble.
Fast Action: That urgency is echoed by industry voices. “AI security can’t stay a ‘next year’ item – banks need real experts visibly in charge now,” says Deepa Sarath. “New AI tools aren’t changing the game, they’re speeding it up and exposing anyone who’s behind.”
She adds that Indian regulators and banks should also push for early access to programmes like Project Glasswing. “Whoever gets a first-row seat now sees the attack patterns first.”
So far, the Reserve Bank of India hasn’t made any public statements about the new threats. Neither has the finance ministry or the India’s market regulator Securities and Exchange Board of India (Sebi).
Some early moves are visible though. HDFC Bank has said it is working with the Data Security Council of India and is in touch with Anthropic. The fintech industry body FACE has asked members to strengthen cyber defences and monitor vulnerabilities continuously.
Humans vs Machines: Experts are increasingly blunt about the gap. They say India’s cybersecurity systems were built for “human-speed” threats. But AI operates at machine speed – finding and exploiting vulnerabilities in hours, not weeks.
“Financial institutions and regulators must urgently treat AI as a systemic risk, not just a productivity tool,” says Jancy Jose. She adds that banks need to harden systems against AI-driven attacks and reduce over-reliance on a few cloud or AI vendors.
Some warnings go even further.
Former Punjab IAS officer KBS Sidhu writing in The Print makes a stark point: if Mythos can find decades-old flaws in systems like Windows and Chrome, it could potentially do the same for Aadhaar or UPI – before anyone else does. And Kailash Nadh, CTO at Zerodha, says that while Sebi already has an extensive cybersecurity framework, LLM-specific risks have not yet been formally addressed.
Race Against Time: For Kerala, this hits closer to home than most places as the economy is deeply tied to foreign remittances. Banks hold the life savings of millions, in a state where fixed deposits are still seen as the safest bet.
The question isn’t whether the system will face stress – it’s whether defences can keep up.
Because in a world where vulnerabilities can be found in hours, protecting people’s security and wealth has become a race against time.
India’s manufacturing moment builds up
In more encouraging signs from the Indian manufacturing sector, media reports say Apple has started exporting phone components worth over 2.5 billion US dollars. That too to China. Several Apple suppliers in India contributed to shipments to China, including Foxconn, Tata Electronics and Tata-owned Pegatron Technology India, reports the Times of India. The newspaper says central government schemes like production-linked incentives have nudged Apple to develop a strong domestic supply chain, instead of just relying on assembly lines. The components exported include printed circuit board assemblies, mechanical parts, casings, and volume and power buttons.
This has encouraged New Delhi to plan a second phase of the production-linked incentive scheme for mobile manufacturing, with an expected outlay of over 5 billion US dollars, says the Economic Times. The proposed scheme, referred to as mobile PLI 2.0, is likely to be introduced by May, says the report. The new scheme aims to achieve 30 percent of global mobile output by 2031.
Humanoids sprint past humans
Humanoids are yet to learn how to fold clothes properly, but they are already getting ahead of humans in marathon competitions. At the second edition of the Beijing marathon, a humanoid called Lightning, developed by smartphone and gadget company Honor, finished the race in 50 minutes and 26 seconds – several minutes faster than the world record set by Jacob Kiplimo last month in Lisbon. It was also two hours faster than last year’s winning time. But the winner needed human assistance, as it lost direction and crashed into a side hoarding a few metres before the finish line. About 60 percent of the participating humanoids were remote-controlled, and battery changes were frequent. But media reports say there were fewer mishaps this time compared to the inaugural edition.
Ukraine war drives drone boom
While the Iran–US conflict has once again put the focus on drone warfare, it is the Russia–Ukraine war that is fast-forwarding drone technology at a furious pace. A Ukrainian government adviser told CBS that the country now makes 4 million drones annually and innovation cycle for new drones can now be as short as one week: a model is sent to the front line, feedback is relayed to the factory, and an upgraded version is delivered. And the results are evident. Ukrainian President Volodymyr Zelenskyy recently said their forces have taken a Russian position entirely with drones, without deploying artillery or soldiers. Given this, anti-drone defence could soon become a booming sector, and Indian startups have an open field ahead of them, as this remains largely virgin territory.
Potty upgrade for cars
A Chinese car maker has filed a patent for an in-vehicle toilet. Yes, a loo that slides out from under the passenger seat – for when nature refuses to wait for the next stop. It can be used while camping or when you are stuck in traffic, engineers from Seres said in their filing. The setup includes a fan and exhaust pipe to push odours out, reports the BBC. Waste goes into a tank that has to be emptied manually – not everyone’s idea of a road trip memory. There is also a heating element that evaporates urine and dries the rest. But don’t cancel your pit stops yet. The company says there are no plans as of now to put it into production.
