Category: 3. Business

Filter by article type:

In-brief analysis

In-depth analysis

Certification accelerates leadership in trusted AI governance, enabling organizations to outpace AI-accelerated threats with speed and control

AUSTIN, Texas – January 22, 2026 – CrowdStrike (NASDAQ: CRWD) today announced it has achieved ISO/IEC 42001:2023 certification, validating its disciplined, externally audited approach to the responsible design, development, and operation of AI-powered cybersecurity. This certification spans core CrowdStrike Falcon® platform capabilities, including CrowdStrike Endpoint Security, Falcon® Insight XDR, and CrowdStrike® Charlotte AI.

ISO 42001 provides organizations with a globally recognized framework as they navigate emerging AI standards and regulatory expectations. It reinforces trust in CrowdStrike’s responsible AI governance and accelerates leadership in the AI era, delivering the speed, precision, and control to outpace AI-accelerated threats safely and at scale.

“CrowdStrike is among the first cybersecurity companies to achieve ISO 42001 certification, the world’s first AI management system standard,” said Michael Sentonas, president of CrowdStrike. “For a cybersecurity vendor, responsible AI governance is foundational. This certification validates the maturity, discipline, and leadership behind how we develop and operate AI across the Falcon platform.”

AI-Accelerated Threats Demand AI-Powered Protection

CrowdStrike pioneered AI-native cybersecurity and continues to deliver the platform innovation needed to stop evolving threats. Modern adversaries are weaponizing AI to scale attacks faster than defenders can respond. To safely gain the speed advantage, organizations need AI-powered protection built for the realities adversaries ignore. Defenders must operate under AI governance, regulation, and accountability that attackers do not – requiring AI that delivers intelligent automation, adheres to standards, and avoids introducing risk.

Innovation for the Agentic Era

The AI-native Falcon platform continuously analyzes behaviors and delivers real-time protection across the entire attack surface. Charlotte AI defines cybersecurity in the agentic era, elevating analysts from alert handlers to orchestrators of the agentic SOC. Intelligent agents trained on years of expertise from the world’s top SOC operators automate time-consuming tasks across the security lifecycle – always under defender control – freeing analysts to focus on the strategic decisions that strengthen security. Charlotte AI powers the agentic SOC on these foundational innovations: 

• The Agentic Security Workforce provides mission-ready agents trained on human expertise and response actions from Falcon® Complete and incident response engagements.
• Charlotte AI AgentWorks enables organizations to build and customize their own agents without writing a single line of code.
• Charlotte Agentic SOAR is the orchestration layer that allows CrowdStrike, custom-built, and third-party agents to work together as one coordinated defense system guided by human expertise.

Responsible Agentic Transformation

Charlotte AI operates within a model of bounded autonomy, ensuring security teams maintain full oversight of AI-driven decisions and define when and how AI-driven and automated actions occur. AI data, models, and agents are protected with governance and controls designed for highly regulated environments.

Accelerating CrowdStrike’s ongoing commitment to protecting the security and privacy of customer and organizational data in the AI era, ISO 42001 certification was awarded following an extensive audit conducted by an independent, accredited certification body. The assessment evaluated CrowdStrike’s AI management system, including governance, policies, risk management, and development practices for designing, deploying, and operating AI responsibly.

To learn more about CrowdStrike’s ISO 42001 certification, visit the CrowdStrike Compliance and Certification Page.

About CrowdStrike

CrowdStrike (NASDAQ: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk – endpoints and cloud workloads, identity and data.

Powered by the CrowdStrike Security Cloud and world-class AI, the CrowdStrike Falcon® platform leverages real-time indicators of attack, threat intelligence, evolving adversary tradecraft, and enriched telemetry from across the enterprise to deliver hyper-accurate detections, automated protection and remediation, elite threat hunting, and prioritized observability of vulnerabilities.

Purpose-built in the cloud with a single lightweight-agent architecture, the Falcon platform delivers rapid and scalable deployment, superior protection and performance, reduced complexity, and immediate time-to-value.

CrowdStrike: We stop breaches.

Learn more: https://www.crowdstrike.com/

Follow us: Blog | X | LinkedIn | Instagram

Start a free trial today: https://www.crowdstrike.com/trial

© 2026 CrowdStrike, Inc. All rights reserved. CrowdStrike and CrowdStrike Falcon are marks owned by CrowdStrike, Inc. and are registered in the United States and other countries. CrowdStrike owns other trademarks and service marks and may use the brands of third parties to identify their products and services.

Media Contact

Jake Schuster

CrowdStrike Corporate Communications

press@crowdstrike.com

 

Executive Summary

Imagine visiting a webpage that looks perfectly safe. It has no malicious code, no suspicious links. Yet, within seconds, it transforms into a personalized phishing page.

This isn’t merely an illusion. It’s the next frontier of web attacks where attackers use generative AI (GenAI) to build a threat that’s loaded after the victim has already visited a seemingly innocuous webpage.

In other words, this article demonstrates a novel attack technique where a seemingly benign webpage uses client-side API calls to trusted large language model (LLM) services for generating malicious JavaScript dynamically in real time. Attackers could use carefully engineered prompts to bypass AI safety guardrails, tricking the LLM into returning malicious code snippets. These snippets are returned via the LLM service API, then assembled and executed in the victim’s browser at runtime, resulting in a fully functional phishing page.

This AI-augmented runtime assembly technique is designed to be evasive:

• The code for the phishing page is polymorphic, so there’s a unique, syntactically different variant for each visit
• The malicious content is delivered from a trusted LLM domain, bypassing network analysis
• It is assembled and executed at runtime

The most effective defense against this new class of threat is runtime behavioral analysis that can detect and block malicious activity at the point of execution, directly within the browser.

Palo Alto Networks customers are better protected through the following products and services:

The Unit 42 AI Security Assessment can help empower safe AI use and development across your organization.

If you think you might have been compromised or have an urgent matter, contact the Unit 42 Incident Response team.

LLM-Augmented Runtime Assembly Attack Model

Our previous research shows how attackers can effectively use LLMs to obfuscate their malicious JavaScript samples offline. Reports from other sources have documented campaigns that leverage LLMs during runtime execution on compromised machines to tailor attacks (e.g., LLM-powered malware and ransomware).

Anthropic researchers have also published reports indicating that LLMs have aided cybercriminals and played a role in AI-orchestrated cyberespionage campaigns. Motivated by these recent discoveries, we researched how threat actors could leverage LLMs to generate, assemble and execute phishing attack payloads within a webpage at runtime, making it challenging to detect with network analysis. Below we outline our proof of concept (POC) for this attack scenario and offer steps to help mitigate the impact of this potential attack.

Attack Model For Our PoC

The attack scenario begins with a seemingly benign page. Once loaded in the victim’s browser, the initial webpage makes requests for client-side JavaScript to popular and trusted LLM clients (e.g., DeepSeek and Google Gemini, though the PoC could be effective across a number of models.).

Attackers can then trick the LLM into returning malicious JavaScript snippets using carefully engineered prompts that circumvent safety guardrails. These snippets are then assembled and executed in the browser’s runtime to render a fully functional phishing page. This leaves behind no static, detectable payload.

Figure 1 shows how we developed our PoC to leverage LLMs to enhance existing attacks and bypass defenses. The first two steps involve initial preparation, while the final step details the generation and execution of phishing code within the browser at runtime.

Step 1: Select a Malicious or Phishing Webpage

The attacker’s first step would be to select a webpage from an active phishing or malicious campaign to use as a model for the type of malicious code that would perform the desired function. From there, they can create JavaScript code snippets that will be generated in real-time to dynamically render the final page displayed to the user.

Step 2: Translate Malicious JavaScript Code Into LLM Prompts

The attacker’s next step would be to craft prompts describing the JavaScript code’s functionality to the LLM in plain text. They could iteratively refine prompts, generating malicious code that bypasses existing LLM guardrails. These generated snippets could differ structurally and syntactically, allowing attackers to create polymorphic code with the same functionality.

Step 3: Generate and Execute Malicious Scripts at Runtime

From there, attackers could embed these engineered prompts inside a webpage, which would load on the victim’s browser. The webpage would then use the prompt to request a popular, legitimate LLM API endpoint to generate malicious code snippets. These snippets could then be transmitted over popular, trusted domains to bypass network analysis. Subsequently, these generated scripts could be assembled and executed to render malicious code or phishing content.

How This Attack Technique Helps with Evasion

This technique builds upon existing evasive runtime assembly behaviors that we often observe on phishing and malware delivery URLs. For example, 36% of malicious webpages we detect daily exhibit runtime assembly behavior, such as executing constructed child scripts with an eval function (e.g., retrieved, decoded or assembled payloads). Leveraging LLMs during runtime on a webpage gives attackers the following benefits:

• Evading network analysis: The malicious code generated by an LLM could be transferred over the network from a trusted domain, as access to domains of popular LLM API endpoints is often allowed from the client side.
• Increasing the diversity of malicious scripts with each visit: An LLM can generate new variants of phishing code, leading to higher polymorphism. This can make detection more challenging.
• Using runtime assembly and executing JavaScript code to complicate detection: Assembling and executing these code snippets during runtime enables more tailored phishing campaigns, such as selecting a target brand based on the victim’s location or email address.
• Obfuscating code in plain text: Translating code into text for subsequent concealment within a webpage can be viewed as a form of obfuscation. Attackers commonly employ various conventional techniques (e.g., encoding, encryption and code fragmenting) to visually conceal malicious code and evade detection. While advanced analyses often identify conventional obfuscation methods by evaluating expressions, it will be more challenging for defenders to evaluate text as executable code without subjecting each snippet to an LLM.

PoC Example

In researching the PoC we were able to demonstrate how this augmentation could be applied to a real-world phishing campaign, illustrating its ability to enhance evasion techniques through the steps we outline above. A brief overview of this PoC is provided below.

Step 1: Selecting a Malicious/phishing Webpage

For our PoC, we replicated a webpage from an advanced real-world phishing campaign known as LogoKit. The original phishing attack uses a static JavaScript payload to transform a benign-looking web form into a convincing phishing lure. This script performs two key functions: personalizing the page based on the victim’s email in the address bar and exfiltrating captured credentials to an attacker’s web server.

Step 2: Translating Malicious JavaScript Code Into LLM prompts

Our PoC uses a popular LLM service, accessible via a chat API query from within the browser’s JavaScript. To mitigate potential misuse by attackers, we are not disclosing the name of this specific API. We used this LLM API to dynamically generate the code necessary for credential harvesting and impersonate target webpages. Because the malicious payload is generated dynamically in the browser, the initial page transmitted over the network is benign, allowing it to inherently bypass network-based security detectors.

The attack’s success hinged on careful prompt engineering to bypass the LLM’s built-in safeguards. We found simple rephrasing was remarkably effective.

For instance, a request for a generic $AJAX POST function was permitted (shown in Figure 2), while a direct request for “code to exfiltrate credentials” was blocked. Furthermore, indicators of compromise (IoCs) (e.g., Base64-encoded exfiltration URLs) could also be hidden within the prompt itself to keep the initial page clean.

The non-deterministic output of the model provided a high degree of polymorphism, with each query returning a syntactically unique yet functionally identical variant of the malicious code. For example, Figure 3 shows differences in code snippets highlighted in red. This constant mutation makes detection more difficult.

Of note, LLM-generated code can include hallucinations but we mitigated this through prompt refinement and increased specificity, effectively reducing syntax errors. As a result, the final, highly specific prompt successfully generated functional code in most instances.

Step 3: Executing Malicious Scripts at Runtime

The generated script was assembled and executed at runtime on the webpage to render the phishing content. This process successfully constructed a functional, brand-impersonating phishing page, validating the attack’s viability (shown in Figure 4). The successful execution of the generated code, which rendered the phishing page without error, confirmed the efficacy of our PoC.

Generalizing the Threat and Expanding the Attack Surface

Alternate Methods to Request LLM API

Our attack model, demonstrated through a PoC, could be implemented in various ways. However, each methodology described in the PoC speaks to how an attacker connects to LLM APIs for transferring malicious code as snippets that are executed in the browser at runtime.

As shown in our PoC, attackers could bypass security measures by directly connecting to a well-known LLM service API endpoint from a browser to execute code-generation prompts. Alternatively, they might use a backend proxy server on trusted domains or content delivery networks (CDNs) to connect to the LLM service for prompt execution. A further tactic could involve connecting to this backend proxy server via non-HTTP connections such as WebSockets, a method we have previously reported in phishing campaigns.

Other Abuses of Trusted Domains

Attackers have abused the trust of legitimate domains to circumvent detections in the past, as seen in instances like EtherHiding. In EtherHiding, attackers concealed malicious payloads on public blockchains associated with reputable and trusted smart contract platforms.

The attack detailed in this article uses a combination of diverse, LLM-generated malicious code snippets and the transmission of this malicious code through a trusted domain, to evade detection.

Translation of Malicious Code Into Text Prompts for More Attacks

This article focuses on the conversion of malicious JavaScript code into a text prompt to facilitate the rendering of a phishing webpage. This methodology presents a potential vector for malicious actors to generate diverse forms of hostile code. For example, they could develop malware or establish a command-and-control (C2) channel on a compromised machine that generates and transmits malicious code from trusted domains associated with popular LLMs.

Attacks Leveraging In-Browser Runtime Assembly Behaviors

The attack model presented here exemplifies runtime assembly behaviors, where malicious webpages are dynamically constructed within a browser. Prior research has also documented different variants of runtime assembly for crafting phishing pages or malware delivery. For example, this article mentions a technique where an attacker breaks down malicious code into smaller components, subsequently reassembling them for execution at runtime within the browser (termed by SquareX as last mile reassembling attack). Various reports describe attackers using HTML smuggling techniques to deliver malware.

The attack model outlined in this post goes further, as it involves the runtime generation of novel script variants that are later assembled and executed, posing a significantly elevated challenge to detection.

Recommendations for Defenders

The dynamic nature of this attack in combination with runtime assembly in the browser makes it a formidable defense challenge. This attack model creates a unique variant for every victim. Each malicious payload is dynamically generated and unique, transmitted over a trusted domain.

This scenario signals a critical shift in the security landscape. Detection of these attacks (while possible through enhanced browser-based crawlers) ​​requires runtime behavioral analysis within the browser.

Defenders should also restrict the use of unsanctioned LLM services at workplaces. While this is not a complete solution, it can serve as an important preventative measure.

Finally, our work highlights the need for more robust safety guardrails in LLM platforms, as we demonstrated how careful prompt engineering can circumvent existing protections and enable malicious use.

Conclusion

This article demonstrates a novel AI-augmented approach where a malicious webpage uses LLM services to dynamically generate numerous variants of malicious code in real-time within the browser. To combat this, the most effective strategy is runtime behavioral analysis at the point of execution through in-browser protection and by running offline analysis with browser-based sandboxes that render the final webpage.

Palo Alto Networks Protection and Mitigation

Palo Alto Networks customers are better protected from the threats discussed above through the following products and services:

Prisma AIRS customers can secure their in-house built GenAI applications against inputs that attempt to circumvent guardrails.

Customers using Advanced URL Filtering and Prisma Browser (with Advanced Web Protection) are better protected against various runtime assembly attacks.

Prisma Browser customers with Advanced Web Protection are protected against Runtime Re-assembly attacks from the first attempt, or “patient zero” hit, because the defense uses runtime behavioral analysis directly within the browser to detect and block malicious activity at the point of execution.

The Unit 42 AI Security Assessment can help empower safe AI use and development across your organization.

If you think you may have been compromised or have an urgent matter, get in touch with the Unit 42 Incident Response team or call:

• North America: Toll Free: +1 (866) 486-4842 (866.4.UNIT42)
• UK: +44.20.3743.3660
• Europe and Middle East: +31.20.299.3130
• Asia: +65.6983.8730
• Japan: +81.50.1790.0200
• Australia: +61.2.4062.7950
• India: 000 800 050 45107
• South Korea: +82.080.467.8774

Palo Alto Networks has shared these findings with our fellow Cyber Threat Alliance (CTA) members. CTA members use this intelligence to rapidly deploy protections to their customers and to systematically disrupt malicious cyber actors. Learn more about the Cyber Threat Alliance.

Additional Resources

In a strong close to 2025 for our Capital Market Team in Cairo, Barakat, Maher & Partners, in association with Clyde & Co, is proud to have advised Capital for Securitization on the second issuance of the tenth programme at EGP 478,000,000, structured across three tranches against a securitization portfolio assigned by Erada Microfinance Co.

The team was led by Mostafa Elsakaa, partner and head of capital market in Cairo, with the support of senior associate Walid Enany, and associates Omar Mahmoud and Mahmoud Toraya. 

The issuance was approved by the Financial Regulatory Authority (FRA) on 30 December 2025, and the transaction brought together leading institutions across the market, with CI Capital Securities Brokerage acting as the financial advisor and lead arranger; and Arab African International Bank (AAIB) serving as the custodian, while Suez Canal Bank acted as the subscription receiver and underwriter.

Mostafa Elsakaa commented,

 

Mohamed Barakat added, 

 

---

Two years since opening our Cairo office, our team has established itself as a transactional powerhouse, advising local and international businesses across a wide range of sectors. We have successfully handled complex M&A transactions, including advising on the first merger in Egypt’s private sector insurance industry, as well as handling private equity, anti-trust, competition, regulatory and corporate matters. Our teams expertise also extends to joint ventures (JVs), restructurings, separations and carve-outs, together with initial public offerings (IPOs) and securitization deals including four closings for Capital for Securitization on the mortgage portfolio of Bedaya, the fourth issuance valued at EGP 1,637,000,000 on 26 March 2025, the third issuance valued at  EGP 1,780,500,000 on 25 December 2024 and the first two issuances, valued at EGP 843 million on 29 December 2023 and EGP 1,415,500,000 on 10 October 2024. As well as closing the successful securitization deal, Capital for Securitization on the microfinance portfolio of Erada Microfinance valued at EGP 718 million in January 2025. 

Dubai, UAE; 22 January 2026: Dubai International Financial Centre (DIFC), a key cultural and lifestyle hub in Dubai, has unveiled ROOFLINE, a new addition to the city’s dynamic social space. Aimed at celebrating homegrown dining and culture concepts, the limited-time open-air rooftop destination runs till 31 March 2026, offering visitors new ways to experience Dubai through one gate.

Located across the connecting podium levels between Gate District and Gate Avenue in DIFC, Roofline provides a seamless rooftop connection between two key precincts and a prime space to enjoy Dubai’s unique skyline and DIFC’s architecture. Designed as a community-led destination, ROOFLINE champions Dubai’s homegrown culinary and creative scene.

Participating concepts at the debut of ROOFLINE include; FLTR, blending 3D design with speciality coffee, the iconic reflective mirror café Uncommon, community club and café IYKYK, Karak House with its modern take on traditional Emirati favourites, Rascals known for its hand cut doughnuts, speciality coffee and desserts place Badou, luxury smash burger spot Beau Burger and more.

From 22 January to 15 February, ROOFLINE hosts live Arabic music and open-air cinema screenings every Thursday to Sunday across Gate Avenue, adding an elevated entertainment layer to the rooftop experience. Screenings take place at Gate Avenue 4, Index Tower, while live music performances animate Gate Avenue 1 near Beau Burger, opposite Peet’s Coffee, with timings varying by date.

Saleh Al Akrabi, Chief Real Estate Officer, Dubai International Financial Centre, said; “As one of Dubai’s most vibrant lifestyle destinations, DIFC has launched ‘ROOFLINE’ to capture the spirit of Dubai in one setting. By bringing together the city’s best homegrown dining and culinary concepts, we are creating a destination that celebrates local creativity and invites people to come together, discover something new and enjoy great experiences, all in the heart of DIFC.”

Offering an elevated after-work and weekend experience for residents and visitors to Dubai, as well as DIFC professionals, the open-air rooftop space has a modern urban feel balancing dining, culture and social connection. Mini activations, pop-ups and curated entertainment are set to keep visitors enthralled throughout the season.

Roofline will also host a special Ramadan exhibition by Curated Playlist from 16 February to 8 March 2026, bringing immersive pop-up experiences that blend fashion, culture and music.

DIFC’s growing portfolio of homegrown and independent brands draws discerning visitors seeking after work and weekend dining options in a culturally rich and vibrant setting. With the opening of ROOFLINE, visitors to the venue can now discover more at Dubai International Financial Centre, where every experience begins at the Gate.

To keep up with the latest schedules and line-ups, visit: https://www.difc.com/whats-on/events/roofline-by-difc

DIFC is easily accessible by Dubai Metro with the Financial Centre Metro Station a 3-minute walk away.

TOKYO — Japan posted a trade deficit for the fifth straight year in 2025, according to government data released Thursday, as exports were hit by U.S. President Donald Trump’s tariffs and a diplomatic rift with neighboring China.

For the full year, Japan logged a 2.65 trillion yen ($17 billion) trade deficit, the Finance Ministry reported in its preliminary data.

That was nearly 53% smaller than the deficit Japan marked the previous year. Exports for the year rose 3.1%, while imports remained about the same on-year, gaining less than 1%.

For the month of December, Japan recorded a 105.7 billion yen ($669 million) trade surplus.

The monthly surplus was 12% smaller than what was racked up a year ago. Imports grew 5.3% from the same month a year ago, while exports grew 5.1%.

By nation, exports to the U.S. declined 11% in December, while exports to Britain, Africa and some other Asian countries rose. Imports from Europe were strong.

The United States has imposed a 15% tariff on most imports from Japan, a reduction from the 25% that Trump initially proposed but an increase from before he took office a year ago.

Another looming concern is the impact on Japanese manufacturing, including automakers, from China’s curbs on exports of rare earths.

The controls were announced by Beijing after Prime Minister Sanae Takaichi suggested a Chinese move on Taiwan could prompt a Japanese military response.

Takaichi has called a snap elections for next month in hopes her party can gain strength in Parliament while she is popular with the public.

Overall, Japan’s economy has held up, despite grumbling from the public about rising prices and stagnant wages. The benchmark Nikkei on the Tokyo Stock Exchange keeps hitting new records.

___

Yuri Kageyama is on Threads: https://www.threads.com/@yurikageyama

Gujarat, 22 January 2026 – Balaji Wafers, one of India’s largest snack food brands, today announced that it has entered into a definitive agreement to receive a strategic investment from General Atlantic, a leading global investor. Financial terms of the transaction were not disclosed.

Founded in 1981 by the Virani family, Balaji Wafers has grown from a home-based enterprise into one of India’s largest packaged snack brands. The Company has built its brand on the promise of consistent high-quality, taste and availability, which is supported by its continuous investment in automation, supply chain, innovation, as well as its people and channel partners. Balaji Wafers offers a diverse portfolio across Namkeen, Western snacks, potato wafers, noodles, chikki, papad, and confectionery, all of which have been well received by consumers. Over the years, the Company has successfully scaled its operations from its home base in Gujarat to become a leading player across multiple states in India. In addition to its strong domestic presence, Balaji Wafers exports its products to around 25 countries worldwide. 

With General Atlantic’s investment, Balaji Wafers will focus on further strengthening key corporate functions across the Company and accelerating innovation. Drawing on General Atlantic’s global expertise in the food and consumer sectors, the Company plans to accelerate its expansion across India.

Chandubhai Virani, Founder & Chairman at Balaji Wafers, said: “This partnership marks an important milestone in our journey. General Atlantic’s deep understanding of consumer businesses, track record of working with founder families and long-term approach to value creation, align well with our vision for Balaji Wafers.” Keyur Virani, Whole-time Director, added: “General Atlantic’s investment will support our efforts to establish and operate world-class facilities, invest in innovation and build a professional team to help drive the next phase of growth for the Company. We are excited to extend our footprint across India while staying true to the quality and taste that our consumers trust.” 

Shantanu Rastogi, Managing Director and Head of India at General Atlantic, said: “Balaji Wafers is a true Indian success story. The Company has modernised its production capabilities while preserving the flavour and quality that its consumers have grown to love. We see significant growth potential in India’s packaged snacks market as households increasingly seek affordable, convenient and high-quality food products. Balaji Wafers is well positioned to capitalise on this opportunity, and we look forward to partnering with Chandubhai, Keyur and the entire Balaji team as the Company enters its next phase of growth.”

Intensive Fiscal Services Pvt. Ltd. acted as the exclusive advisor to Balaji Wafers. Under the leadership of Mr. D.K. Surana, Intensive Fiscal Services is a leading investment bank in the consumer sector.

The transaction is subject to customary regulatory approvals and is expected to close later in 2026.

About Balaji Wafers

Balaji Wafers is one of India’s largest snack food brands. Headquartered in Gujarat, the company is known for its wide portfolio of high-quality and affordable snack products. Supported by advanced manufacturing facilities, Balaji Wafers has established a robust and expansive retail footprint across multiple regions of India. 

About General Atlantic

General Atlantic is a leading global investor with more than four and a half decades of experience providing capital and strategic support for over 830 companies throughout its history. Established in 1980, General Atlantic continues to be a dedicated partner to visionary founders and investors seeking to build dynamic businesses and create long term value. Guided by the conviction that entrepreneurs can be incredible agents of transformational change, the firm combines a collaborative global approach, sector specific expertise, a long-term investment horizon, and a deep understanding of growth drivers to partner with and scale innovative businesses around the world. The firm leverages its patient capital, operational expertise, and global platform to support a diversified investment platform spanning Growth Equity, Credit, Climate, and Sustainable Infrastructure strategies. General Atlantic manages approximately $118 billion in assets under management, inclusive of all strategies, as of September 30, 2025, with more than 900 professionals in 20 countries across five regions. For more information on General Atlantic, please visit: www.generalatlantic.com.

Media Contacts

Balaji Wafers
Jay Sachdev
[email protected]

General Atlantic
Jess Gill
[email protected]