Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Artificial intelligence is reshaping financial services, from fraud detection to personalized banking assistants. But with innovation comes risk. AI agents—particularly those powered by large language models (LLMs)—are increasingly being embedded into financial workflows. While they promise efficiency, they also introduce a new layer of data compliance challenges.

Internxt has always placed privacy and security at the core of everything we do. Today, we are proud to announce that we have successfully achieved ISO/IEC 27001:2022 compliance, a globally recognized standard for information security management. This milestone reflects our unwavering commitment to protecting our users’ data through rigorous security practices and independant audits.

Choosing a pen testing company today is no longer a technical decision; it’s a political one. You’re balancing vendor promises, dev timelines, board expectations, & a dozen tools.

Organizations worldwide are increasingly developing or implementing AI-powered tools to streamline operations and scale efficiently. However, the benefits come with unpredictable risks unique to AI that need to be mitigated with the right safeguards. ‍ One of the biggest AI security challenges is the lack of formalized oversight. According to Vanta’s State of Trust Report, only 36% of organizations have AI-informed security policies in place or are in the process of building them.

A vulnerability on a popular source-code editor has been recently released along with a proof-of-concept (POC) exploit, but the security community isn’t so sure that it’s a legitimate flaw. In this article, we look at CVE-2025-56383, discuss what developers are saying in the wild, and provide our experts’ take on the issue.

For months now, journalists and cybersecurity experts, including UpGuard, have been following the movements of the hacker collective “Scattered Lapsus$ Hunters,” a sort of supergroup of the already well-known cybercriminal entities ShinyHunters, Scattered Spider and Lapsus$. Now, this collective has launched a website where they can extort payment from entities in return for delisting and deleting their data.

As businesses expand, so do their lists of third-party vendors—and with them, the number of risk factors and complexity. This increase means that security analysts are often overwhelmed by a growing number of vendor risk assessments. However, completing an assessment alone isn’t enough; its value depends on how effectively the results are communicated.

Running a penetration test is only half the battle. The real challenge is translating complex technical findings into insights that leadership can act on. The right metrics do not just highlight vulnerabilities; they tell a story about risk, resilience, and readiness. In this guide, we explore the penetration testing metrics that truly matter and how to present them in a way that resonates with decision-makers.

On October 2, 2025, Oracle announced that some Oracle E-Business Suite (EBS) customers had received extortion emails. Oracle’s investigation revealed the potential use of vulnerabilities previously addressed in the July 2025 Critical Patch Update. The following nine vulnerabilities in EBS products were addressed in the July update. These vulnerabilities range from medium to high severity, with three potentially exploitable by remote, unauthenticated threat actors.

A comprehensive analysis of the breach that exposed 570GB of consulting data and put 800 organizations at risk.