Announcing Jit's Integration with Bright Security: Dev-Centric DAST Meets Unified Security Prioritization

We’re excited to announce Jit’s new integration with Bright Security, a best-of-breed DAST solution built for developers. This integration brings Bright’s accurate, low-noise security testing into Jit’s unified product security platform—so your AppSec team and developers can manage, prioritize, and remediate vulnerabilities from one centralized backlog. The problem?

AI's Content Gold Rush: Who's Getting Paid, Who's Getting Scraped, and How Businesses Can Turn Content into Revenue

The AI boom is creating a new content economy – one where savvy content owners are striking multi-million-dollar licensing deals, while others are being automatically scraped by bots to train AI models for free. It’s impossible not to have noticed the biggest names in AI, including OpenAI, Google, Anthropic, Perplexity and more, at the center of an argument about ethical content scraping.

CrushFTP auth bypass vulnerability: Disclosure mess leads to attacks

Outpost24 analysts recently discovered a critical authentication bypass vulnerability in CrushFTP, identified as CVE-2025-31161. The vulnerability has a CVSSv3.1 score of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8). We reached out to MITRE for a CVE on 13th March 2025 and were within an agreed 90-day non-disclosure period with CrushFTP. The plan was to give users plenty of time to patch before attackers were alerted to the vulnerability and able to exploit it.

UK Industrial Sector AiTM Phishing Campaign

JUMPSEC have detected and tracked a new phishing attack campaign targeting numerous industrial sector organisations, predominantly in the engineering, construction, and energy sectors in the UK and US, where threat actors have consistently used a common and identifiable AiTM (Adversary in the Middle) phishing kit throughout March 2025. At-risk organisations should take steps to reduce the risk of compromise as the infrastructure detailed below continues to be leveraged by threat actors.

Celebrating our 1,000th Library entry - automated resource backup by GE Vernova

At Tines, we're committed to making workflow building as easy and efficient as possible. That’s why we’re so proud of our library, which reached an exciting milestone today when it officially became home to over 1000 pre-built workflows. These pre-built workflows, known to many Tines users as stories, are designed to foster knowledge sharing across the security and IT community, providing inspiration and shortcuts to help users build faster and more effectively.

Sysdig and Camptocamp announce partnership for strong cloud security based on open source

The cloud has become the hub of modern data traffic. It offers organizations of all sizes unprecedented speed, flexibility, and countless collaboration options. However, cybercriminals also know how to exploit the power of the cloud for their own purposes, which is why proven security solutions—and service providers who can implement them quickly and in a customized manner—are in high demand.

Enterprise Network Detection and Response Best Practices: 10 Tips for 2025

The cybersecurity landscape evolves rapidly. Threat actors develop sophisticated methods to breach defenses. Network Detection and Response (NDR) has emerged as a critical component in modern security solutions, identifying and mitigating threats traditional defenses miss.

The state of Falco: A year of progress since CNCF graduation

It’s been just over a year since open source Falco graduated from the Cloud Native Computing Foundation (CNCF) during KubeCon EU 2024, and the momentum hasn’t slowed down. From advancements in real-time threat response and expanded audit event collection across cloud-native environments, to reaching 150 million downloads and even new open-source technologies like Stratoshark being built on Falco’s libraries, the project continues to evolve rapidly.

Top 7 Account Takeover Solutions

Due to compromised accounts, financial institutions lose billions annually in unauthorized transactions and account-related fraud. Airlines suffer millions in fraudulent ticket purchases, and retailers face widespread loyalty fraud and resold gift cards. Automated, bot-driven takeovers further amplify the issue, driving costly credential-stuffing attacks that inflate operational costs and burn through budgets. The list goes on, and the problem is only getting worse.