Hello and welcome! Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Here, we'll share a variety of articles, original research, presentations, whitepapers, and customer case stories. Topics that may be covered in these hand-picked reads may include:
We've been running this Security Picks series for years, and now we're making some updates: bookmark this URL, because we'll be making all of our recommendations here moving forward. So anytime you have a little downtime or are wondering what to read to stay on the nose, check out these security articles hand-picked by security experts.
Author: Nati Tal, Shaked Chen
Recommended by: Audra Streetman (LinkedIn)
Why we like it: “Guard.io’s blog “Scamlexity” is a wake-up call about the risks of agentic AI browsers. The authors demonstrate that these systems can’t reliably spot even basic scams like fake shops, phishing emails, and prompt injections. What makes the piece compelling is how clearly it frames the paradox: the more convenience AI browsers deliver, the more invisible the risks become because humans are removed from the decision loop. Agentic browsers are no longer just prototypes. Tools like Perplexity’s Comet and Opera’s Neon are already in the wild, which makes Guard.io’s findings especially timely. The write-up is worth a read for anyone interested in where AI security is headed, since it illustrates just how quickly familiar scams can scale into something far more dangerous when AI is the one being fooled.”
Author: Chris Perkins
Recommended by: Chris Perkins (LinkedIn)
Why we like it: “We’re facing industrial-scale, AI-powered operations that manufacture"straw " or"ghost " students — synthetic or stolen identities used to pass admissions checks and capture financial aid–by the hundreds, even thousands.”
Author: Prescott Pym
Recommended by: James Hodgkinson (LinkedIn)
Why we like it: "This is a great summary of the changes coming to the Australian Federal standards, not just for the locals, but also for anyone looking to improve the effectiveness of their security program and follow best practices.”'
Author: Diego Barbera
Recommended by: Tamara Chacon (LinkedIn)
Why we like it: “This article from Wired sheds light on an emerging threat involving portable Point-of-Sale (POS) devices and the innovative methods criminals are employing for theft. It details how attackers are exploiting contactless payment limits and utilizing "trawling" techniques to compromise transactions in public spaces. While the success rate of these scams might be low, the article underscores the critical need for heightened awareness and robust preventative measures. Understanding these evolving tactics is crucial for safeguarding our systems and advising on effective protection strategies against such sophisticated financial fraud.”
That rounds out this month's security reading recommendations! Check back next month for your next to-reads. In the meantime, check out these resources for more security content:
Splunk Threat Research Team (STRT)
The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.
Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.