Hello and welcome! Every month, our Splunk staff of security experts share their favorite reads of the month — this way, you can follow the most interesting, news-worthy, and innovative stories coming from the wide world of cybersecurity.
Here, we'll share a variety of articles, original research, presentations, whitepapers, and customer case stories. Topics that may be covered in these hand-picked reads may include:
We've been running this Security Picks series for years, and now we're making some updates: bookmark this URL, because we'll be making all of our recommendations here moving forward. So anytime you have a little downtime or are wondering what to read to stay on the nose, check out these security articles hand-picked by security experts.
Author: European Directorate-General for Communications Networks, Content and Technology
Recommended by: Shannon Davis (LinkedIn)
Why we like it: "The European Commission has announced proposed funding calls totaling €145.5 million to strengthen cybersecurity across the EU. Around €30 million is targeted at helping hospitals and healthcare providers defend against ransomware and similar threats. In contrast, more than €90 million is earmarked for R&D into generative AI, post-quantum cryptography, and privacy-enhancing tech. While future-focused innovation is important, the disparity is striking—ransomware remains a clear and present danger, yet defenses for critical sectors like healthcare are set to receive just a third of the funding.”
Author: Guy Fedorkow Thomas Hardjono
Recommended by: Stephen Johnson (LinkedIn)
Why we like it: “There's a gazillion cheap IoT devices out there that are easily compromised and often recruited into botnets. The root of trust for these devices needs to start at the firmware and work out from there."
Author: Aims Labs Team
Recommended by: Lauren Stemler (LinkedIn)
Why we like it: "Aim Labs just disclosed EchoLeak, a zero-click vulnerability in Microsoft 365 Copilot that could silently exfiltrate sensitive internal data without the user doing a thing. It was patched before any known exploitation, but it still earned a CVSS score of 9.3, which says a lot. This piece really made me think about how quickly we're integrating AI tools into sensitive workflows without fully understanding the risks.”
Author: Matt Kapko
Recommended by: Audra Streetman (LinkedIn)
Why we like it: “The news about a so-called “16 billion credential” data breach is a perfect reminder of why cybersecurity professionals need to be discerning about where they get their information. The story made big waves, but it turns out it was mostly recycled data with little real evidence behind it. Still, a lot of people and even companies ran with it anyway. In security and in journalism, facts matter. Often, the best move is to pause, check the details, and look to corroborate information from trusted sources."
Author: Joseph Cox
Recommended by: Tamara Chacon (LinkedIn)
Why we like it: "Joseph Cox discusses how one clever brute-force vulnerability allowed any phone number linked to a Google account to be exposed—simply by guessing digits behind the scenes. The method exploited a loophole in Google’s account recovery flow using Looker Studio to link names, enabling attackers to try thousands of possible numbers until finding a match. It is interesting to see how seemingly minor information leaks—like your recovery phone number—can pose serious risks, especially for SIM-swapping attacks.”
That rounds out this month's security reading recommendations! Check back next month for your next to-reads. In the meantime, check out these resources for more security content:
Splunk Threat Research Team (STRT)
The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.
Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.