Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

As the software world shifted toward microservices and distributed architectures, the volume and complexity of API traffic have skyrocketed. Unfortunately, so has the number of API-related breaches and cyber attacks. Last year, nearly 44% of all advanced bot traffic online targeted API endpoints, while traditional web applications received just 10% of the malicious traffic. It’s no surprise that 57% of organizations admit to having suffered API-related breaches in the past two years.

As the Director of Product Marketing for Jit, Charlie is responsible for telling Jit's story to the developer and security communities. We’re excited to announce that Traceable is now integrated with Jit. Today’s security teams are overwhelmed — drowning in vulnerability alerts and disconnected tooling. Traceable delivers deep, contextual API and application security insights, automatically identifying vulnerabilities with rich runtime context and risk-based prioritization.

Businesses are moving beyond AI experiments and proofs of concept. As we approach what IDC is predicting will be the “AI pivot years” of 2025-2026, organizations are prioritizing, planning, and building for scale. This shift includes AI agents — self-directed tools that automate tasks — as technology providers strive to simplify development workflows. Under the surface, AI systems expose an expanded threat landscape that spans the software development lifecycle (SDLC).

The strategic conversation around stablecoins has moved beyond innovation labs and pilot programs. It’s now a focus in executive leadership meetings and shareholder reports. In June, Bank of America’s CEO highlighted stablecoins as a potential new form of transaction account, one the industry must be ready for. SMBC has signed a multi-party MOU to explore wholesale stablecoin infrastructure.

Few sectors exemplify the enormous value of data as healthcare does. From the relatively mundane, such as digitalizing patient data for streamlined care, to the extraordinary, like the use of AI to revolutionize prostate cancer diagnosis and care, data is the lifeblood of modern healthcare and, as such, must be protected. For years, we have been told that humans and human error are the weakest link in cyber defenses, but it's time to challenge this notion.

Web Application Firewalls (WAFs) have long served as the front line of defense for web applications, filtering out malicious traffic and enforcing security policies. But as threats grow more sophisticated and application environments become more dynamic, many are questioning whether traditional WAFs are still up to the task. In 2025, with the rise of cloud-native applications, APIs, and machine learning-driven attacks, it's no longer enough to rely on static, rule-based filtering.

In today's rapidly evolving threat landscape, cybercriminals are becoming increasingly sophisticated in their attack methodologies, particularly when it comes to email-based threats. Organizations worldwide are recognizing that a single-vendor approach to security, while valuable, may not provide the comprehensive protection needed to defend against the full spectrum of modern cyber threats.

GitGuardian and GuidePoint Security have partnered to deliver enhanced secrets detection and non-human identity security solutions to North American customers, offering tools to combat secrets sprawl and mismanaged identities.

Arctic Wolf has identified a social engineering campaign targeting health care providers in the United States. Throughout multiple incidents, hospital help desks have received suspicious phone calls from unidentified individuals claiming to be doctors who had forgotten their password. When the callers were confronted with a request to verify their identities, including first name and department affiliation, the suspicious callers disconnected.

On June 17, 2025, watchTowr disclosed technical details for a pre-authenticated remote code execution (RCE) exploit chain in Sitecore Experience Platform (XP), an enterprise content management system. Although Sitecore released a fix for these vulnerabilities in May 2025, no official CVE identifiers have been assigned at this time. The three vulnerabilities are currently tracked as WT-2025-0024, WT-2025-0025, and WT-2025-0032 by watchTowr and impact Sitecore XP versions 10.1 through 10.4.