Covert hardware, cyber policy rollbacks, and supply chain problems
Your midweek breach briefing is here.
🧠 CyberFact of the Day:
The term “phishing” was first coined in 1996 by hackers tricking AOL users into revealing passwords. The “ph” was a nod to the “phreaking” culture of the 70s, where hackers manipulated phone systems.

📬 This Week’s Clickables
📌 Big News — Chinese solar inverter alarm & White House EO cyber rollback
🚨 Can’t Miss — ConnectWise Ransomware breach
🤖 AI in Cyber — Phishing, fraud & AI ransomware
🧪 Strange Cyber Story — SentinelOne vendor breach deep dive
🚨 Big Stories This Week
🔐 Executive Order Scraps Biden-Era Cybersecurity Programs
Intro: A sweeping executive order cancels key Biden cybersecurity initiatives—reshaping federal priorities overnight.
What Happened: On June 6, Trump signed an order reversing Biden-era programs like SBOM (software bill of materials) requirements and post-quantum encryption mandates.
Why It’s Important: The move marks a significant shift toward decentralizing cybersecurity control to states and agencies, away from mandatory standards.
The Other Side: While praised by some as freeing agencies, critics caution it weakens national resilience and regulatory cohesion.
The Takeaway: Federal cyber policy is now less unified. Organizations must pay attention to their own state/fed frameworks to stay secure.
TL;DR: Trump's order rolls back Biden-era cyber mandates in favor of a looser, agency-led approach.
🔆 U.S. Agencies Warn of Rogue Devices in Chinese Solar Inverters
Intro: U.S. energy and cybersecurity authorities have flagged undercover devices in Chinese-made solar inverters—raising national security alarms.
What happened: Inverters and batteries—including brands like Huawei and Sungrow—were found to contain undocumented radios capable of bypassing firewalls and communicating externally.
Why it’s important: These “kill switches” could allow remote shutdowns or grid manipulation—exposing critical infrastructure to covert sabotage.
The other side: Chinese officials deny any malicious design; some experts urge deeper validation, warning against leaping to conclusions.
The takeaway: Regulators must prioritize hardware vetting, diversify supply chains, and require transparency through SBOMs before installing grid gear.
TL;DR: Undocumented hardware in Chinese inverters raises cyber-physical sabotage fears—utilities must act.
🔥 Can’t Miss This Week
United Natural Foods Hit by Cyberattack, Disrupts Food Supply — Attack forces shutdown of systems at a major food distributor to Whole Foods
ConnectWise Breached via MSP Supply‑Chain Attack — Attackers exploited MSP tools to deploy ransomware
Tax Firm Optima Relief Breached by Chaos Ransomware — Sensitive customer data stolen and leaked post-attack
US Indicts Qakbot Botnet Master, Seizes $24M In Crypto — Justice Dept. hits back at botnet leader behind massive ransomware campaign
20K Malicious IPs taken down — The crackdown on infostealer malware continues
🤖 AI in Cyber
Browser Phishing Up 140% Thanks to AI, Phishing Kits — AI-powered toolkits driving phishing up 140% in browsers
AI in Identity Fraud Arms Race — Fraudsters are automating identity fraud with AI while defenders race to catch up
AI‑Powered Ransomware to Surge in 2025 — Warning of an imminent wave of ransomware attacks that will harness AI for smarter, stealthier malware
Agentic AI is having a Moment — So are hackers who can exploit it and the permissions AI is being granted
🧟‍♂️ Strange Cyber Story of the Week
🛡️ SentinelOne Vendor Breach Attempt Thwarted
The Intro: An unexpected cyber clash: Chinese-linked APT breaks into a hardware vendor supplying SentinelOne—before reaching the endpoint defense firm itself.
What Happened: In early 2025, attackers used supply-chain breach methods (ShadowPad malware) to infiltrate a logistics firm linked to SentinelOne. The intrusion stopped short of compromising SentinelOne’s own systems.
Why It’s Important: Security vendors are high-value targets; this event shows how attackers probe through third-party paths to reach deeper networks.
The Other Side: SentinelOne detected and contained the threat before escalation, a testament to effective self-defense—but also a stark warning for all vendors.
The Takeaway: Organizations must harden not only their perimeter but also the security posture of all third-party suppliers.
TL;DR: Attackers breached a SentinelOne vendor but were stopped before reaching the endpoint defense firm—a wake-up call on supply-chain resilience.
Thanks for reading this week’s edition. Like what you see? Forward it!
Hate everything you see or have other feedback? Reply back to this email!