Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

If you think AI-generated code is saving you time and boosting productivity, you’re right. But here’s the problem: it’s also likely introducing security vulnerabilities. However, there are GenAI security practices that can be weaved into your workflow to help protect your apps. The software development landscape is shifting under our feet.

Late last week, GreyNoise published one of the clearest signals we have seen that AI systems are no longer just research targets. They are operational targets. Their honeypot infrastructure captured 91,403 attack sessions between October 2025 and January 2026, revealing two distinct campaigns systematically mapping AI deployments at scale. This is a meaningful inflection point.

A recent University of North Carolina Wilmington study tested whether general-purpose large language models could infer CVSS v3.1 base metrics using only CVE description text, across more than 31,000 vulnerabilities. The results show measurable progress, but they also expose a hard limit that matters far more than model selection: Model quality helps, but missing context sets a ceiling on reliability.

The OWASP Top 10 is usually presented as a list of technical failures. Broken access control. Injection. Insecure design. Misconfiguration. Each category points to something that went wrong in the application. What it doesn’t say explicitly is what was actually at risk when it went wrong. In most real incidents, the answer is not “the application.” It’s the data inside it. Sensitive data is the reason attackers care about OWASP failures in the first place. Credentials.

Automotive engineering teams are being asked to deliver faster, with less tolerance for failure. Software-defined vehicle programmes, secure OTA rollouts, zonal and service-oriented architectures, and continuous feature delivery are now baseline expectations. In parallel, regulatory pressure is increasing — from WP.29 (R155/R156), ISO/SAE 21434, and the forthcoming EU Cyber Resilience Act — tightening requirements around software integrity, traceability, and lifecycle governance.

In AI-powered security, advantage comes not from automation alone, but from clear insight into how decisions are made. At Arctic Wolf, home to one of the world’s largest commercial security operations centers (SOC), we process over 10 trillion security events weekly. Rather than chasing automation for its own sake, we build AI that scales human expertise – preserving judgment where it matters most. But what is the optimal combination of humans and machines for security operations?

Gartner frames the AI SOC landscape as a dichotomy: providers pursuing full SOC replacement versus those building AI products to augment existing staff. Of these two approaches, only augmentation aligns with real-world security operations. It helps analysts triage alerts, investigate faster, enrich context, and summarize incidents with better consistency, all while keeping humans in the loop, even if their day-to-day efforts change.

WIRED reports that deepfake attacks are impersonating pastors and other religious figures in order to scam congregations. Father Mike Schmitz, a priest who hosts a podcast with over a million followers, warned his listeners in November that AI-generated deepfakes were using his likeness to fraudulently solicit donations. WIRED found that several of these fake accounts are still active on TikTok, and they appear when a TikTok user searches for Father Schmitz.