“Weekend Briefing” is a weekly newsletter sent to subscribers of The Readable every Friday. Our journalists select important news items from the previous week on topics ranging from privacy to policy development in cybersecurity, all to help you stay abreast of the latest breaking issues.
1. DOGE now has access to the top US cybersecurity agency – Wired
Two members of Elon Musk’s Department of Government Efficiency (DOGE), 19-year-old Edward Coristine and 38-year-old Kyle Schutt, have been hired by the Cybersecurity and Infrastructure Security Agency (CISA), raising serious national security concerns. Coristine, who previously worked with Musk’s Neuralink and other federal agencies, has taken on a senior advisory role at CISA—an agency tasked with protecting federal networks and securing sensitive election data. His past connections to cybersecurity firms and alleged ties to cybercriminal groups further fuel controversy over his appointment.
The extent of Coristine’s access to critical data remains unclear, but CISA maintains vital information on software vulnerabilities, breaches, and national security risks. Given his prior involvement with Path Network—an organization linked to reformed hackers—and his alleged ties to the cybercriminal community “The Com,” experts are raising concerns about his role in an agency responsible for protecting U.S. cyber infrastructure. Schutt, another DOGE recruit, has also joined CISA after previously working on GOP fundraising efforts through WinRed.
The appointments of Coristine and Schutt raise potential security risks, with experts questioning why an individual with suspected ties to cybercriminal groups has been granted access to government networks. Cybersecurity professionals warn that the move could weaken efforts to combat cybercrime, particularly given CISA’s responsibility for safeguarding federal, state, and local election security. The Department of Homeland Security, which oversees CISA, has not yet commented on the hiring, adding to concerns about transparency and national security.
2. Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems – NextGov/FCW
Cisco has revealed that the Salt Typhoon hacking group, linked to Chinese intelligence, primarily relied on stolen credentials to breach telecommunications systems in the U.S. and abroad. In one instance, the hackers exploited a seven-year-old vulnerability in Cisco routers that had been patched in 2018 but remained unaddressed in some systems. The attack involved infrastructure pivoting, enabling the hackers to move laterally across networks, compromising at least nine U.S. telecom companies and multiple international providers.
The campaign also targeted lawful intercept systems—critical infrastructure that houses wiretap requests for law enforcement—raising serious national security concerns. Among those affected were former President Donald Trump, Vice President JD Vance, and other high-profile officials. While the Department of Homeland Security launched an investigation, the Trump administration reportedly shut it down shortly after taking office, leaving the status of the probe unclear.
In response, the U.S. Treasury Department sanctioned Sichuan Juxinhe Network Technology Co., accusing it of collaborating with China’s Ministry of State Security on the attacks. Trump-aligned officials are calling for a more aggressive cyber strategy against China, though no concrete actions have been announced. Beijing denies any involvement and instead accuses the U.S. of conducting cyber espionage against Chinese networks.
3. 4 cybersecurity stocks to buy for stronger portfolio security – Yahoo Finance / Zacks
The cybersecurity industry is expanding rapidly as digital transformation accelerates, driving demand for advanced security solutions. The rise of AI, IoT devices, and cloud computing has fueled cyber threats, pushing companies to adopt stronger defenses. This growing need presents a lucrative investment opportunity, with the global cybersecurity market expected to exceed $300 billion by 2028-2030.
CrowdStrike (CRWD) is among the most promising cybersecurity stocks, thanks to its cutting-edge Falcon platform, which offers AI-driven security solutions for cloud environments and endpoints. Its modular, subscription-based Falcon Flex model boosts customer retention and drives revenue growth. Recent upgrades, including automated recovery techniques, have further solidified its market leadership.
CyberArk (CYBR) excels in privileged access security, a critical defense against cyberattacks. With a strong presence in banking, healthcare, and government sectors, the company benefits from a subscription-based revenue model and rising demand for identity security solutions. High-value deals and a growing customer base further strengthen its financial outlook.
Palantir Technologies (PLTR) has expanded beyond its traditional government contracts to establish a strong foothold in the commercial AI-powered data analytics sector. Its Artificial Intelligence Platform (AIP) enhances business intelligence by integrating large language models with both structured and unstructured data. This shift has diversified its revenue streams, driving significant growth.
Fortinet (FTNT) is a leader in integrated cybersecurity and networking solutions, particularly excelling in Software-Defined Wide Area Network (SD-WAN) technology. As enterprises prioritize security-driven networking, Fortinet’s Unified Threat Management (UTM) solutions continue to gain traction, ensuring strong long-term growth despite short-term sales challenges.
Each of these stocks shows strong potential for revenue and earnings growth, making them attractive investment options for 2025 and beyond. As cybersecurity threats continue to escalate, these companies are well-positioned to capitalize on the growing demand for digital protection.
4. Feature: Best opinion articles from The Readable
Opinion articles offer readers a rare opportunity to learn directly from experts. Over the past three years, a variety of professionals, including our own reporters, have contributed columns to The Readable, covering topics from quantum security to deepfake crimes. Some articles take a deep dive into technical challenges, while others examine the broader societal implications of cybersecurity vulnerabilities and the latest technological advancements. I’ve selected a handful of pieces that remain particularly relevant today, and I hope you find their insights valuable. The Readable also welcomes contributions from readers, particularly those with expertise in cybersecurity. If you’re interested in writing for us, feel free to contact us via email for more details. READ MORE
5. South Korea’s financial security institute leverages AI for fraud detection
On Thursday, South Korea’s Financial Security Institute (FSI) announced proactive measures to enhance the security and reliability of artificial intelligence applications in the financial sector.
This initiative not only aims to identify security vulnerabilities, but also to enhance the capacity of institutions to detect fraud.
As AI-driven financial services become more widespread, concerns about security vulnerabilities, data breaches, and biased decision-making are on the rise. In response, the FSI has launched the initiative to assess the security measures of firms designated as innovative service providers by South Korea’s Financial Services Commission, the nation’s top financial regulator. READ MORE
6. Google Cloud and Yanolja partner to revolutionize travel services with generative AI
Google Cloud has announced a strategic partnership with Yanolja, a global travel technology company, to enhance artificial intelligence-driven travel solutions. The collaboration will integrate Google Cloud’s advanced generative AI with Yanolja’s proprietary Vertical AI to transform the travel experience for businesses and consumers worldwide.
Yanolja, a leader in cloud-based hospitality solutions, operates in more than 200 countries and provides subscription-based Software-as-a-Service (SaaS) and transaction solutions for the global travel industry.
Through this partnership, Yanolja will incorporate Google Cloud’s generative AI technology, including Gemini, into its AI-powered travel ecosystem. By leveraging Google’s AI-optimized infrastructure, Yanolja aims to enhance automation, personalization, and operational efficiency in the travel sector. READ MORE
Editor’s note: This article was initially written by ChatGPT-4o based on the author’s specific instructions, which included news judgment, fact-checking, and thorough editing before publication.
