Liminal members enjoy the exclusive benefit of receiving daily morning briefs directly in their inboxes, ensuring they stay ahead of the curve with the latest industry developments for a significant competitive advantage.
Looking for product or company-specific news? Log in or sign-up to Link for more detailed news and developments.
Here are the main industry highlights of this week impacting identity and fraud, cybersecurity, trust and safety, financial crimes compliance, and privacy and consent management.
🪄Innovation and New Technology Developments
Idemia Launches TPE6 Biometric Platform to Advance Enrollment for Law Enforcement and Civil Use
IDEMIA Public Security has introduced TPE6, the latest update to its LiveScan biometric enrollment platform, aimed at improving speed, accuracy, and user experience for law enforcement and civil registration. Unveiled during a Biometric Update webinar, the refreshed system includes user safety features, enhanced biometric quality feedback, and a new dual iris and facial recognition camera. Designed with input from police agencies and other users, TPE6 supports applications ranging from background checks to immigration. The platform is widely deployed across the U.S., Canada, and internationally, and offers customizable tools to suit various operational needs. (Source)
đź’° Investments and Partnerships
Daylight Security Secures $7 Million Seed to Launch AI-Powered MDR Service with Human Oversight
Daylight Security, an Israeli cybersecurity startup, has raised $7 million in seed funding to launch a hybrid Managed Detection and Response (MDR) service that combines AI agents with human analysts. Backed by Bain Capital Ventures and notable Israeli investors, the company aims to address the growing complexity of cyber threats by accelerating detection and response while reducing the workload on internal teams. Founded by intelligence veterans Hagai Shapira and Eldad Rudich, Daylight’s model uses AI for data analysis and triage, with human experts making final decisions. Already in use by clients in finance and tech, the company plans to expand its team as it targets the growing MDR market. (Source)
Datadog in Talks to Acquire Upwind for $1 Billion to Expand Cloud Security in Israel
Datadog is reportedly in advanced talks to acquire Israeli cybersecurity startup Upwind Security for approximately $1 billion, just three years after the company’s founding. Upwind, which offers a comprehensive cloud-native application protection platform (CNAPP), has raised $180 million to date, including a $100 million Series A round in December 2024 that valued the company at around $900 million. Founded by former Spot.io executives, Upwind integrates multiple cloud security functions into a single platform. The potential acquisition would mark Datadog’s largest in Israel, expanding on previous smaller deals like Seekret and Ozcode. (Source)
Xelix Secures €137 Million to Expand AI-Driven Accounts Payable Automation and Global Reach
Xelix, a London-based fintech firm specializing in accounts payable (AP) automation, has secured €137 million in Series B funding led by Insight Partners. The company leverages agentic AI to detect invoice fraud, prevent overpayments, and streamline supplier communications, auditing over $750 billion in spending annually for clients like AstraZeneca and Virgin Atlantic. Its growth has been bolstered by the Helpdesk module, which helps manage supplier queries alongside its AI-powered audit tools. With this new funding, Xelix plans to enhance its platform, expand globally, and further position AP as a strategic function within finance departments. (Source)
Regnology to Acquire Wolters Kluwer FRR Unit to Strengthen Cloud-Based Regulatory Reporting Solutions
Regnology has announced plans to acquire Wolters Kluwer’s Finance, Risk and Regulatory Reporting (FRR) unit, aiming to expand its regulatory reporting capabilities and market reach. The deal is expected to enhance Regnology’s support for financial institutions by integrating FRR’s tools into its cloud-first platform, offering scalable solutions for evolving compliance needs, including Basel IV. The acquisition, pending regulatory and employee approvals, reflects Regnology’s strategy to provide unified infrastructure for both legacy and modern systems. Both companies emphasize continued service excellence and growth opportunities for clients and employees. (Source)
StrongestLayer Launches With $5.2M to Build AI-Native Email Security Against Generative Phishing Threats
StrongestLayer has launched from stealth with $5.2M in seed funding to build AI-native email security that counters the rise of generative AI phishing. Founded by veterans from Proofpoint and Google, the platform uses LLMs for advanced intent analysis and reasoning, moving beyond outdated pattern-matching. As attackers craft highly personalized phishing emails with ease, StrongestLayer offers detection and training tools tailored to each organization’s threat profile, aiming to meet the evolving challenges of AI-powered email attacks. (Source)
Stripe Acquires Orum to Expand Real-Time Payments and Bank Verification Capabilities
Stripe has acquired Orum, a U.S. fintech focused on payment orchestration and bank account verification, to strengthen its real-time payments infrastructure. Orum 🥇 supports ACH, RTP, and FedNow rails and enables fast bank authentication via a single API. The move aligns with Stripe’s push beyond card payments, following investments in digital assets and open banking. Orum’s team, including CEO Stephany Kirkpatrick, will join Stripe. The deal reinforces Stripe’s position in the growing real-time payments space, where demand for fast and integrated solutions continues to rise. (Source).
Vanta Acquires Riskey to Transform Vendor Risk Management with Real-Time AI Intelligence
Vanta has acquired Riskey to enhance its Vendor Risk Management platform with real-time, AI-driven risk intelligence. The integration replaces outdated assessments with continuous monitoring to detect vendor threats proactively. Riskey’s tech adds dynamic AI scoring and alerts for breaches, misconfigurations, and leaked credentials. Vanta VRM now enables automated assessments and streamlined mitigation, cutting time and cost for IT teams. The move reinforces Vanta’s position in AI-powered trust management and boosts security with measurable ROI. (Source)
Paddle Secures $25 Million to Accelerate Global Expansion and Monetization Support for SaaS and AI Companies
Paddle has raised $25M from CIBC Innovation Banking to fuel global expansion, product development, and enterprise support—building on $293M in prior equity funding. As a Merchant of Record, Paddle simplifies payments for 6,000+ SaaS, AI, and app companies. Growth in 2025 is driven by AI adoption, Apple’s web payments shift, and a 40% annual growth rate. The company expanded to Austin and made key hires from Shopify, Intercom, and ServiceNow. Recent partnerships with Vercel and RevenueCat, along with Apple policy changes, have strengthened Paddle’s role in digital monetization. (Source)
Lansweeper Acquires Redjack to Expand Unmanaged Asset Discovery and Strengthen Cybersecurity Visibility
Lansweeper has acquired Redjack, a passive asset discovery firm that uses sensors to monitor network traffic across cloud, on-prem, container, and edge environments. Redjack’s platform offers real-time visibility into all connected assets and maps dependencies to expose shadow IT and risks. It also scores assets for resilience and business criticality. The acquisition boosts Lansweeper’s capabilities in attack surface management and third-party risk, expanding its roadmap to cover unmanaged assets. Backed by $159M in funding, Lansweeper will integrate Redjack to deepen asset intelligence and cybersecurity visibility.(Source)
⚖️ Policy and Regulatory
Sam Altman Warns of AI Voice Clone Fraud Crisis and Calls for Tech-Regulator Collaboration
At a Federal Reserve conference, OpenAI CEO Sam Altman warned of a looming fraud crisis fueled by AI-generated voice clones, calling current bank voice authentication systems insecure. He predicted a surge in sophisticated attacks using minimal audio input to mimic voices and move funds undetected. Altman also highlighted threats from AI video deepfakes and urged collaboration between tech firms and regulators. Fed Vice Chair Michelle Bowman expressed openness to partnership, and OpenAI plans to expand its presence in Washington, D.C. to support policy and regulatory engagement. (Source)
Chinese-Linked Hackers Exploit SharePoint Zero-Day to Breach Over 50 Organizations
Microsoft has attributed recent cyberattacks exploiting a zero-day vulnerability in its SharePoint server platform to Chinese state-affiliated hacking groups, including Linen Typhoon, Violet Typhoon, and Storm-2603. At least 54 organizations, such as a California energy operator and a federal health agency, have reportedly been breached. The vulnerability allows unauthorized access to on-premises SharePoint servers, enabling data theft and lateral movement across networks. Microsoft has released patches for all affected SharePoint versions and warns that unpatched systems remain at high risk of further exploitation. (Source)
Dior Data Breach Exposes Sensitive Customer Information in U.S. Following Louis Vuitton Incident
Dior has disclosed a data breach that compromised the personal information of its U.S. customers, including names, contact details, Social Security numbers, and passport information, though not payment data. The breach occurred on January 26, 2025, and has since been contained, according to third-party cybersecurity experts. Dior is offering affected individuals two years of free identity theft protection and credit monitoring. This incident follows a similar data breach reported by fellow LVMH group brand Louis Vuitton, impacting clients in multiple countries. (Source)
Retailers Confront Growing Return Fraud as Casual Dishonesty Escalates in E-Commerce Era
Return fraud is surging in the U.S., costing businesses an estimated $103B annually. While some schemes involve scams like empty box returns, much of the fraud comes from everyday consumers abusing generous return policies to “rent” or misuse items. E-commerce has worsened the issue, as online returns are harder to verify. Retailers—especially small businesses—are tightening policies and using data to flag repeat offenders. Still, many shoppers view these actions as harmless, fueling a culture of casual dishonesty in retail.. (Source)
Mexico Mandates Biometric CURP and Launches Unified Identity Platform by 2026
Mexico has enacted a law mandating biometric identification for all citizens, transforming the previously optional CURP (Unique Population Registry Code) into a compulsory document. The updated CURP will include personal details, a photograph, and biometric fingerprint and iris data encoded in a QR code. The rollout of the new identifier is scheduled to be completed by February 2026. The legislation also calls for the creation of a Unified Identity Platform to integrate this data with state databases, and mandates that both public and private institutions update their systems accordingly. Additionally, a nationwide initiative to collect biometric data from minors is set to begin within 120 days. (Source)
đź”— More from Liminal
Access Our Intelligence Platform
Stay ahead of market shifts, outperform competitors, and drive growth with actionable intelligence.
Save your Spot: Evolving Identity Access Management Demo Day
Liminal Demo Day will feature the top solution providers delivering live, 15-min demos focused on real-world IAM use cases across customer and workforce access journeys.
Link Index for Data Access Control
Discover the top 24 vendors shaping Data Access Control in 2025. This Link Index reveals how organizations are managing permissions, securing sensitive data, and aligning with evolving compliance demands.
Link Index for AI Data Governance
Discover how top vendors are shaping the future of AI Data Governance through scalable controls, model oversight, and real-time compliance across complex data environments.
Link Index for Ransomware Prevention
Explore the latest Link Index on Ransomware Prevention, featuring 22 top vendors helping organizations stay resilient against evolving cyber threats.
