Generative AI is changing industries by making automation, creativity, and decision-making more powerful. But it also comes with security risks. AI models can be tricked into revealing information, generating harmful content, or spreading false data. To keep AI safe and trustworthy, experts use GenAI Red Teaming. This method is a structured way to test AI systems for weaknesses before they cause harm.

We’re excited to announce Jit’s integration with Semgrep Code, bringing best-of-breed static application security testing (SAST) into Jit’s complete product security platform. This integration makes it easier than ever for security teams to detect, unify, and prioritize code security vulnerabilities alongside other product security risks.

The evolving regulatory landscape surrounding digital assets presents a host of challenges for banks looking to enter the crypto space. While recent decisions have helped clear a path for banks to engage in crypto-assets and related activities, the regulatory environment remains fragmented, with federal and state authorities offering varying levels of clarity and approval processes.

Group-IB has published a report on SIM swapping attacks, finding that attackers continue to use social engineering to bypass technical security measures. SIM swapping is a technique in which an attacker takes over a victim’s phone number, which enables them to access the victim’s accounts. This involves tricking the telecom operator into reassigning the victim’s phone number to a SIM card controlled by the attacker.

Managing PostgreSQL access is a pain for engineering teams. Setting up users, roles, and keeping track of permissions slows down engineers. Security risks may emerge in the form of shared admin accounts or missteps in user setup or authorization workflows. Check out this screenshot from a Reddit thread discussing this problem.

The importance of machine identity security has reached a critical juncture in 2025. With machine identities now far outnumbering human ones, securing these digital credentials has become a top cybersecurity priority for enterprises.

Arctic Wolf has recently observed a campaign in which threat actors are compromising widely used websites across various industries and embedding a fake CAPTCHA challenge. When victims visit the site, they are presented with the CAPTCHA challenge or redirected to a site that provides instructions, triggering PowerShell code execution and ultimately leading to the loading of information stealer malware.