Regarding vulnerabilities, which many think (wrongly) are not present in mainframes, because they are networked nearly as much, and have massively fewer programs running on them, don't show up as much. But they are there.
Certainly, but it's also worth noting that the environments in which programs execute on most mainframes are much more restricted than those of even the typical servers of today, and have been by default for decades.
Somehow I'm not seeing the entire worlds financial system as being either un-networked or not an appealing target.
If you think skript kiddies on the other side of the planet are a difficult adversary, try inside jobs like corrupt fellow employees, now they're a worthy adversary.
