Threat actors are abusing the special-use “.arpa” domain and IPv6 reverse DNS in phishing campaigns that more easily evade domain reputation checks and email security gateways.

The .arpa domain is a special top-level domain reserved for internet infrastructure rather than normal websites. It is used for reverse DNS lookups, which allow systems to map an IP address back to a hostname.

IPv4 reverse lookups use the in-addr.arpa domain, while IPv6 uses ip6.arpa. In these lookups, DNS queries a hostname derived from the IP address, written in reverse order and appended to one of these domains.

For example, www.google.com has the IP addresses 192.178.50.36 (IPv4) and 2607:f8b0:4008:802::2004 (IPv6). Querying Google’s IP of 192.178.50.36 via the dig tool resolves to an in-addr.arpa hostname and ultimately a regular hostname:

; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> -x 192.178.50.36
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 59754
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;36.50.178.192.in-addr.arpa.    IN      PTR

;; ANSWER SECTION:
36.50.178.192.in-addr.arpa. 1386 IN     PTR     lcmiaa-aa-in-f4.1e100.net.

;; Query time: 7 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Fri Mar 06 13:57:31 EST 2026
;; MSG SIZE  rcvd: 94

Querying Google’s IPv6 address of 2607:f8b0:4008:802::2004 shows that it first resolves to an IPv6.arpa hostname and then a hostname, as shown below.

; <<>> DiG 9.18.39-0ubuntu0.24.04.2-Ubuntu <<>> -x 2607:f8b0:4008:802::2004
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31116
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;4.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.2.0.8.0.8.0.0.4.0.b.8.f.7.0.6.2.ip6.arpa. IN PTR

;; ANSWER SECTION:
4.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.2.0.8.0.8.0.0.4.0.b.8.f.7.0.6.2.ip6.arpa. 78544 IN PTR tzmiaa-af-in-x04.1e100.net.
4.0.0.2.0.0.0.0.0.0.0.0.0.0.0.0.2.0.8.0.8.0.0.4.0.b.8.f.7.0.6.2.ip6.arpa. 78544 IN PTR mia07s48-in-x04.1e100.net.

;; Query time: 10 msec
;; SERVER: 127.0.0.1#53(127.0.0.1) (UDP)
;; WHEN: Fri Mar 06 13:58:43 EST 2026
;; MSG SIZE  rcvd: 171

Phishing campaign abuses in .arpa domains

A phishing campaign observed by Infoblox uses the ip6.arpa reverse DNS TLD, which normally maps IPv6 addresses back to hostnames using PTR records.

However, attackers found that if they reserve their own IPv6 address space, they can abuse the reverse DNS zone for the IP range by configuring additional DNS records for phishing sites.

In normal DNS functionality, reverse DNS domains are used for PTR records, which allow systems to determine the hostname associated with a queried IP address.

However, attackers discovered that once they gained control over the DNS zone for an IPv6 range, some DNS management platforms allowed them to configure other record types that can be abused for phishing attacks.

“We have seen threat actors abuse Hurricane Electric and Cloudflare to create these records—both of which have good reputations that actors leverage—and we confirmed that some other DNS providers also allow these configurations,” explains Infoblox.

“Our tests were not exhaustive, but we notified the providers where we discovered a gap. Figure 2 depicts the process the threat actor used to create the domain used in the phishing emails.”

To set up the infrastructure, the attackers first obtained a block of IPv6 addresses via IPv6 tunneling services.

After gaining control of the address space, the attackers then generate reverse DNS hostnames from the IPv6 address range using randomly generated subdomains that are difficult to detect or block.

Instead of configuring PTR records as expected, the attackers create A records that point those reverse DNS domains to infrastructure hosting phishing sites.

The phishing emails in this campaign use lures that promise a prize, a survey reward, or an account notification. The lures are embedded in the emails as images linked to a reverse IPv6 DNS record, such as  “d.d.e.0.6.3.0.0.0.7.4.0.1.0.0.2.ip6.arpa,” rather than a regular hostname, so the target doesn’t see a strange arpa hostname.

When a victim clicks the phishing email image, the device resolves the attacker-controlled reverse DNS name servers via a DNS provider.

In some cases, the authoritative name servers were hosted by Cloudflare, and the reverse DNS domains resolved to Cloudflare IP addresses, hiding the location of the backend phishing infrastructure.

After clicking the image, victims are redirected through a traffic distribution system (TDS) that determines whether they are a valid target, commonly based on device type, IP address, web referers, and other criteria. If the visitor passes validation, they are redirected to a phishing site. Otherwise, they are sent to a legitimate website.

Infoblox says the phishing links are short-lived, only active for a few days. After the links expire, they redirect users to domain errors or other legitimate sites.

The researchers believe this is done to make it harder for security researchers to analyze and investigate the phishing campaign.

Furthermore, as the ‘.arpa’ domain is reserved for internet infrastructure, it does not include data normally found in registered domains, such as WHOIS info, domain age, or contact information. This makes it harder for email gateways and security tools to detect malicious domains.

The researchers also observed the phishing campaign using other techniques, such as hijacking dangling CNAME records and subdomain shadowing, allowing the attackers to push phishing content through subdomains linked to legitimate organizations.

“We found over 100 instances where the threat actor used hijacked CNAMEs of well-known government agencies, universities, telecommunication companies, media organizations, and retailers,” explained Infoblox.

By weaponizing trusted reverse DNS features used by security tools, attackers can generate phishing URLs that bypass traditional detection methods.

As always, the best way to avoid phishing attacks like these is to avoid clicking on unexpected links in emails and instead visit services directly through their official websites.

Malware is getting smarter. The Red Report 2026 reveals how new threats use math to detect sandboxes and hide in plain sight.

Download our analysis of 1.1 million malicious samples to uncover the top 10 techniques and see if your security stack is blinded.

Advertisement

Download The Report

OpenAI‘s robotics hardware lead is out. Caitlin Kalinowski, who oversaw hardware within the robotics division of OpenAI, posted on X that she was resigning from her role, while criticizing the company’s haste in partnering with the Department of Defense without investigating proper guardrails. OpenAI told Engadget that there are no plans to replace Kalinowski.

Kalinowski, who previously worked at Meta before leaving to join OpenAI in late 2024, wrote on X that “surveillance of Americans without judicial oversight and lethal autonomy without human authorization are lines that deserved more deliberation than they got.” Responding to another post, the former OpenAI exec explained that “the announcement was rushed without the guardrails defined,” adding that it was a “governance concern first and foremost.”

OpenAI confirmed Kalinowski’s resignation and said in a statement to Engadget that the company understands people have “strong views” about these issues and will continue to engage in discussions with relevant parties. The company also explained in the statement that it doesn’t support the issues that Kalinowski brought up.

“We believe our agreement with the Pentagon creates a workable path for responsible national security uses of AI while making clear our red lines: no domestic surveillance and no autonomous weapons,” the OpenAI statement read.

Kalinowski’s resignation may be the most high-profile fallout from OpenAI’s decision to sign a deal with the Department of Defense. The decision came just after Anthropic refused to comply with lifting certain AI guardrails around mass surveillance and developing fully autonomous weapons. However, even OpenAI’s CEO, Sam Altman, said that he would amend the deal with the Department of Defense to prohibit spying on Americans.

Correction, March 8 2026, 10:30AM ET: This story has been updated to correct Kalinowski’s role at OpenAI to “robotics hardware lead” instead of “head of robotics.”

Most enterprise teams struggle with systems built to support strategy and processes but cannot keep up. As a result, Sales teams are stuck doing manual data entry; service teams are responding to backlogs. Additionally, operations managers are pulling reports from three different platforms just to get a picture of past incidents. The compounding effect of these inefficiencies leads to deals slowing down, customers getting inconsistent experiences, and the more a business grows, the more difficult it gets to manage these complex issues. Agentforce implementation services address this directly. 

Using these services allows enterprises to deploy AI agents that act inside the Salesforce environment, not just surface recommendations but execute tasks. There are other benefits to Salesforce agentforce consulting which we’ll cover. In this blog, we’ll cover 7 practical benefits of Agentforce for enterprise businesses. In addition, we’ll also discuss a few steps to help you identify the right Agentforce implementation services partner.

Driving Enterprise Impact: 7 Benefits of Agentforce Implementation Services

Here are 7 transformative advantages of Salesforce Agentforce implementation services:

1. Automated Operational Workflows

Even well-designed automation still depends on humans to start it, for instance, an agent logs a call, or a manager approves the next step. Each of those handoffs introduces delay, but Agentforce eliminates that dependency. AI agents execute tasks like updating records, routing escalations, triggering follow-on steps; now conditions are met, not when a team member is available to act. At enterprise scale, removing that delay across thousands of daily interactions is not an incremental gain. It’s a structural advantage over organizations still relying on human-initiated workflows to drive execution.

2. Human-Centered Service Allocation

Enterprise service operations face persistent capacity problems. Query volume grows faster than hiring capacity, and every routine request handled by a trained agent is time that could have been spent resolving a genuinely complex case. Agentforce reallocates that effort when routine queries are addressed immediately and accurately. This is without manual searching, and resolutions are applied or recommended in real time. Businesses that engage Salesforce Agentforce consulting to configure the agents to their specific service workflows consistently report faster resolution times and lower escalation rates.

3. Standardized Sales Execution

Large sales organizations face a consistent challenge: performance varies not because of product or pricing, but because individual execution varies. One territory delivers results because of a disciplined manager while another underperforms because follow-up processes are inconsistently applied. With the help of Agentforce, you can standardize execution at the system level. 

High-intent accounts are identified and flagged before opportunities lapse, and relevant account context is given at the appropriate stage of the deal. So, the agent who’s performing the best becomes the default process for all of them/ When applied across the sales ecosystem, the standardization brings in tangible business outcomes.

4. Maximized Existing Salesforce ROI

Enterprises accumulated Salesforce investments carry substantial sunk costs in licenses, customizations, and integrations. Sometimes, a part of that infrastructure remains underutilized, like data collect fields that are rarely reviewed, or even reports are generated but do not reach decision-makers in time to be actionable. Agentforce does not require building a new system on top of existing ones; it activates what is already in place. Engaging a certified Salesforce implementation partner to handle the configuration correctly from the outset prevents the accumulation of a second layer of technical debt. The ROI case extends beyond Agentforce itself and helps businesses extract full value from the broader Salesforce platform it has already committed to.

5. Scalable Capacity Efficiency

It’s simple math: more customers require more service capacity, more pipelines require more sales coverage, and in addition, more operational activity requires more administrative overhead. Agentforce interrupts that relationship as AI agents absorb increased volume without a corresponding increase in cost, and without the onboarding time or training requirements. This enables enterprises to manage high-demand periods by expanding operational capacity without restructuring staff or systems.

6. Real-Time Actionable Data

If leaders don’t get insights in real-time, they often make decisions based on outdated information. So, when a problem appears in the report, the opportunity to respond promptly is usually closed by then. But with Agentforce, you can process data as it moves through the system. You can also uncover relevant indicators in real time, shifts in pipeline health, service queue build-up, performance variances without requiring anyone to prepare a report in advance.

Therefore, when you opt for Salesforce Consulting Services, you can design the reporting architecture that makes this visibility consistent across business units and geographies. Thus, ensuring leadership is acting on current information rather than a delayed representation of it.

7. Built-In Compliance Assurance

Regulated industries such as financial services, healthcare, and insurance, compliance is an ongoing operational responsibility. Regulators require a clear account of what occurred, when it occurred, and under authority. When producing those answers depends on manually reconstructing a process after the fact, the burden in time, resources, and risk is considerable. Agentforce captures every agent’s action by default: each decision made, each workflow initiated; each record modified is logged as part of normal system operation. 

This makes it possible for organizations to establish compliance boundaries within the operation of the agents. Additionally, you can enforce these parameters uniformly without having to invest in another maintenance effort. This is very helpful for businesses in regulated industries as it transforms the reactive documentation into an integrated responsibility and limits compliance risk for them.

How to Find the Right Agentforce Implementation Services Partner

• While assessing Certified Salesforce implementation partners, look specifically for credentials in Agentforce and the Salesforce clouds relevant to your operations.

• With the right enterprise experience, you get expertise in multi-cloud, data volume, and complex rollouts.

• Proper discovery covers your workflows, integration requirements, data structure, and where the real operational friction sits, not just the features you asked about.

• A poor implementation costs far more in rework than the initial savings are worth, so ensure you have insight into the depth of a partner with Salesforce consulting services.

• Ensure the selected Salesforce agentforce consulting service partner also offers ongoing support, internal team training, and optimization services.

Closing Remarks

Agentforce is not a feature upgrade, especially for enterprises. For them, it represents a structural change in how work gets done inside Salesforce: less waiting, less manual effort, more consistent execution across teams that are already stretched. What determines whether that plays out in practice is the implementation. The right Agentforce implementation services partner brings the technical credentials, the enterprise experience, and the operational discipline to make sure the system works the way the business actually runs. 

At CanJam NYC 2026, Schiit Audio kept a lower profile than in past years, but the Texas based manufacturer still had something worth hearing. The company has now fully relocated operations from California to facilities in San Antonio and Corpus Christi, and judging by what we heard at the show, the move hasn’t slowed development one bit.

Front and center was the Schiit Asgard X headphone amplifier, a modular desktop amp that pulls technology directly from Schiit’s flagship Schiit Mjolnir headphone amplifier. The new model introduces Schiit’s Continuity A output stage and supports an optional internal DAC card that adds digital control through the company’s Schiit Forkbeard control system. The demo unit on the table included the DAC module and was paired with the Grado HP100 SE headphones we reviewed in 2025, making it one of the more interesting desktop headphone rigs on the show floor.

The result is a mid tier amplifier that looks familiar on the outside but carries more serious tech under the hood. With trickle down circuitry from the Mjolnir platform, app based control, and modular expandability, the Asgard X feels less like a routine update and more like Schiit raiding its own vault for parts. And judging by the crowd around the table, New York City still appreciates a little well engineered Schiit.

Asgard X: Class A Power and a Little More Useful Schiit

Base price starts at $399, which gets you the amplifier and preamp functionality. Add the Mesh DAC card for $150, and the Asgard X turns into a compact all in one desktop rig with digital input and app control through Schiit’s Forkbeard control system. That’s where things get more interesting.

The DAC card introduces Schiit’s Mesh digital architecture, a custom filter design that is optimized in both the time and frequency domains rather than chasing the usual marketing buzzwords. The bigger change for day to day use is Forkbeard. Through the app you can control volume, balance, loudness, phase, NOS mode, and even adjust a full three band parametric EQ. In other words, the kind of controls people usually beg for once they realize their desktop stack requires three remotes and a flashlight.

Power output is more than adequate for most headphones:

• 3.4W RMS at 16 ohms
• 2.8W RMS at 32 ohms
• 1.9W RMS at 50 ohms
• 380mW RMS at 300 ohms
• 200mW RMS at 600 ohms

Digital input is handled through Schiit’s Unison USB interface, supporting sample rates up to 384 kHz. No DSD. No MQA. We can hear Jason and Mike laughing all the way from Times Square.

No smoke machines, no Thor cosplay. Just a modular desktop amp with plenty of power, a DAC option that actually adds functionality, and enough control to keep both the Brooklyn headphone crowd and the Texas engineers reasonably happy.

Listening to the Asgard X: Class A Power, No Funny Schiit

Right off the bat, it was clear the Schiit Asgard X headphone amplifier had more than enough power and headroom to keep the Grado HP100 SE headphones fully under control. It didn’t try to goose the top end with extra sparkle, but where it really impressed was from the bass through the lower midrange. Black Sabbath and AC/DC had real weight and drive, while Deadmau5 and Kraftwerk showed just how well the amp handles pacing and rhythmic energy.

The treble could use a bit more air on some recordings, but the sense of space and impact made up for it. Percussion had real snap, kick drums landed with authority, and the overall timing kept everything moving forward with purpose. It’s the kind of presentation that makes you stop analyzing after a few tracks and just keep listening.

The Grado HP100 SE headphones have always handled vocals well, and that remained true here, though I did find myself wishing for a little more illumination at the top. Some higher notes came across slightly muted on certain tracks, but I’ll take that over a presentation that turns hard or brittle after a few minutes. Your mileage may vary depending on the recording, but in this setup the balance leaned toward smooth and listenable rather than aggressively detailed.

The Bottom Line

The Schiit Asgard X headphone amplifier is aimed squarely at listeners who want a powerful Class A desktop amp without turning their desk into a stack of separate components. At $399, it works well as a straightforward headphone amp and preamp, and the optional Mesh DAC card adds modern convenience through Schiit Forkbeard control system without complicating the design.

With solid power, modular flexibility, and a sound that favors weight, pacing, and long listening sessions over flashy treble, the Asgard X makes the most sense for desktop headphone listeners who value control and usability over chasing the last ounce of analytical detail.

For more information: schiit.com

Related Reading:

In 1996, families looking for a home computer had the same old problem: a cluttered desk with different boxes, cables strung out everywhere, and setting it all up felt like launching a small rocket. Compaq responded with the Presario 4402, a stylish (for the time) all-in-one system that combined all of the necessary components into a single, large package.

Compaq introduced the Presario 4402 in mid-1996 as part of an effort to simplify home computing. It cost roughly $1,999, which is nearly $4,144 now, for a system that critics described as one of the few truly all-in-one packages available at the time. The design contained a 15-inch display, but only 13.8 inches showed a real image, and it was fastened on top of the computer’s internals, all squeezed into one enormous beige monstrosity. It was a mammoth, measuring 16 inches wide, 14.1 inches deep, and 15.2 inches tall, weighing a whopping 43 pounds.

HP 27 inch All-in-One Desktop PC, FHD Display, AMD Ryzen 7 7730U, 32 GB RAM, 1 TB SSD, AMD Radeon…

• CONNECT AND COLLABORATE ON YOUR TERMS – Built with all the features to keep you connected like a tiltable pop-up privacy camera, HP Video Controls…
• MORE MUSCLE FOR YOUR HUSTLE – With a powerful AMD Ryzen 7 7730U processor, ample storage, speedy connections, and plenty of memory, you’re all set to…
• THE RIGHT FIT FOR EVERY FLOW – Immerse yourself in whatever you are doing with an ultra-slim three-sided micro-edge display and up to a…

An Intel Pentium CPU ran at a respectable 133 MHz on a 66 MHz system bus, with RAM starting at 16 MB of EDO and expanding up to 128 MB with 60 ns modules. A 1.6 GB hard drive was used for storage, a 6x CD-ROM for software installation or audio disc playback, and a 1.44 MB floppy drive for file transfer to disk. The built-in speakers provided stereo sound, and a 33.6 kbps modem enabled dial-up access to the early internet and other services. Windows 95 came included with a Quick Restore CD to assist you fix problems if the system went wrong.

You could control the CD player from the front panel, so you could just insert an audio disc and modify the level without having to restart the computer. Finally, the system functioned as a speakerphone/answering machine, allowing you to keep your desk clutter-free. Then there came the matching remote, which allowed you to control several devices from across the room. The software bundle featured Microsoft Works for work and spreadsheets, Netscape Navigator for web browsing, and Compton’s Interactive Encyclopedia 1996 for quick lookups. You can also choose between CompuServe, America Online, and GNN internet access.

Critics at the time praised the Presario 4402 for its performance without requiring you to make too many compromises. One reviewer in particular stated that it was ideal for writing papers, playing games, or searching up information online, particularly if you were cramped in a small college dorm or family room with little space. The main disadvantage of the built-in display was that you couldn’t simply replace the screen when you needed to update; instead, you had to replace the entire system. Internal extension was feasible, however, thanks to a riser card that provided two ISA slots and one PCI slot for adding things like enhanced graphics.

If you say the word ‘Duolingo’, people think of language learning. With over 40 supported languages and an engaging learning workflow, it’s no wonder that the app is currently the most downloaded education platform globally, nearing the historic 1 billion install milestone.

But did you know that language lessons are not the only string to its impressive bow? In fact, in October 2022, the company launched a standalone math app before integrating the module directly into their main app a year later.