Security

September 02, 2025

2 Minute Read

Security Staff Picks To Read This Month, Handpicked by Splunk Experts

By Tamara Chacon

Hello and welcome! Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.

Here, we'll share a variety of articles, original research, presentations, whitepapers, and customer case stories. Topics that may be covered in these hand-picked reads may include:

Cybersecurity news
InfoSec and computer security
Threat hunting and detection engineering
AI & security
Risk management
Emerging trends
And much more!

We've been running this Security Picks series for years, and now we're making some updates: bookmark this URL, because we'll be making all of our recommendations here moving forward. So anytime you have a little downtime or are wondering what to read to stay on the nose, check out these security articles hand-picked by security experts.

Security Articles To Read in September 2025

“Scamlexity” We Put Agentic AI Browsers to the Test - They Clicked, They Paid, They Failed

Author: Nati Tal, Shaked Chen
Recommended by: Audra Streetman (LinkedIn)

Why we like it: “Guard.io’s blog “Scamlexity” is a wake-up call about the risks of agentic AI browsers. The authors demonstrate that these systems can’t reliably spot even basic scams like fake shops, phishing emails, and prompt injections. What makes the piece compelling is how clearly it frames the paradox: the more convenience AI browsers deliver, the more invisible the risks become because humans are removed from the decision loop. Agentic browsers are no longer just prototypes. Tools like Perplexity’s Comet and Opera’s Neon are already in the wild, which makes Guard.io’s findings especially timely. The write-up is worth a read for anyone interested in where AI security is headed, since it illustrates just how quickly familiar scams can scale into something far more dangerous when AI is the one being fooled.”

Straw Students: AI-Powered Fraud is Infiltrating Higher Education

Author: Chris Perkins

Recommended by: Chris Perkins (LinkedIn)

Why we like it: “We’re facing industrial-scale, AI-powered operations that manufacture"straw " or"ghost " students — synthetic or stolen identities used to pass admissions checks and capture financial aid–by the hundreds, even thousands.”

Australia’s New Gateway Security Guidance: What Leaders & SOC Teams Should Know

Author: Prescott Pym
Recommended by: James Hodgkinson (LinkedIn)

Why we like it: "This is a great summary of the changes coming to the Australian Federal standards, not just for the locals, but also for anyone looking to improve the effectiveness of their security program and follow best practices.”'

How to Protect Yourself From Portable Point-of-Sale Scams

Author: Diego Barbera
Recommended by: Tamara Chacon (LinkedIn)

Why we like it: “This article from Wired sheds light on an emerging threat involving portable Point-of-Sale (POS) devices and the innovative methods criminals are employing for theft. It details how attackers are exploiting contactless payment limits and utilizing "trawling" techniques to compromise transactions in public spaces. While the success rate of these scams might be low, the article underscores the critical need for heightened awareness and robust preventative measures. Understanding these evolving tactics is crucial for safeguarding our systems and advising on effective protection strategies against such sophisticated financial fraud.”

More Security Recommendations & Resources

That rounds out this month's security reading recommendations! Check back next month for your next to-reads. In the meantime, check out these resources for more security content:

Splunk Security Teams To Follow

SURGe

Splunk Threat Research Team (STRT)

More Recommendations

Living Off The Land: Threat Research February 2022 Release

In this February 2022 release, the Splunk Threat Research Team (STRT) focused on comparing currently created living off the land security content with Sigma and the LOLBas project.

Security 5 Min Read

OT Security Is Different, Isn’t IT?

Explore the differences between OT security and IT security, delving into industry-specific challenges and solutions, with insights into the Purdue Model and how Splunk can help.

Security 3 Min Read

Find the Fingerprints and Traces of Threats with Splunk at RSAC 2021

Splunk's heading to RSAC 2021, are you? Take a peak at our upcoming sessions and don't forget to tune into our CEO Doug Merritt's keynote when he takes the RSAC main stage.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk

Subscribe to our blog

Get the latest articles from Splunk straight to your inbox.

Connect with Splunk on X

Follow @Splunk

Connect with Splunk on Instagram