================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh 2026-06-12 ================================================================ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,377.03 ▼ -2.2% Dow 50,725.58 ▼ -0.7% Nasdaq 25,695.30 ▼ -3.8% WTI crude 88.31 ▼ -5.2% EUR/USD 1.1550 ▼ -0.4% GBP/USD 1.3378 ▼ -0.3% USD/JPY 160.28 ▲ +0.2% ShinyHunters looted gigabytes from hundreds of organizations through an Oracle PeopleSoft zero-day, capping a day that turned on actively exploited enterprise software and AI-driven crime. EMERGING TRENDS ---------------------------------------------------------------- * AI Weaponization: Criminals and researchers bend AI both directions, from Gemini-powered smishing to Agentjacking and LangGraph flaws that turn AI agents themselves into targets. * Enterprise Edge Exploitation: Live exploitation of PeopleSoft, Ivanti Sentry, and Check Point VPN shows attackers racing defenders to internet-facing enterprise software. * Supply Chain: Hijacked Arch AUR packages and dark-web sales of repository access mark developer code as a prime attacker foothold. * Law Enforcement Momentum: Takedowns of AudiA6 and Sniper Dz alongside a Conti guilty plea squeeze cybercrime's money and infrastructure at once. * Costly Breaches: Coupang's record $409 million fine and the 23andMe settlement fund push the price of data loss to new highs. TOPICS ---------------------------------------------------------------- :: VULNERABILITIES AND EXPLOITS 1. ORACLE PEOPLESOFT ZERO-DAY RAVAGES UNIVERSITIES [zero-day, exploit, breach] Last 24h: Google confirmed ShinyHunters exploited CVE-2026-35273, a missing-authentication flaw in Oracle PeopleSoft, and CISA added it to the known exploited vulnerabilities catalog. The bug lets attackers reach a critical PeopleTools function with no authentication. Oracle has mitigated it, though the company has not publicly confirmed in-the-wild abuse. ShinyHunters used the access to steal gigabytes from hundreds of organizations, hitting American universities hardest. Administrators running PeopleSoft should apply Oracle's fix and hunt for data exfiltration now. - Ars Technica Security: https://arstechnica.com/security/2026/06/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data/ - Dark Reading: https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed - SecurityWeek: https://www.securityweek.com/google-confirms-exploitation-of-oracle-peoplesoft-zero-day-by-shinyhunters/ - CISA Advisories: https://www.cisa.gov/news-events/alerts/2026/06/12/cisa-adds-one-known-exploited-vulnerability-catalog 2. CISA ORDERS 3-DAY IVANTI SENTRY PATCH [patch, exploit] Last 24h: CISA's new Binding Operational Directive 26-04 gives federal agencies until Sunday to patch an actively exploited Ivanti Sentry command-injection flaw as honeypots log exploitation attempts. The critical OS command-injection bug lets attackers run code with root privileges on Ivanti Sentry gateways. Researchers watching honeypots see attackers probing the flaw, a sign of broad opportunistic scanning. Federal agencies face a three-day deadline under BOD 26-04, and private operators should move on the same urgency. - BleepingComputer: https://www.bleepingcomputer.com/news/security/cisa-gives-feds-3-days-to-patch-ivanti-flaw-exploited-in-attacks/ - SecurityWeek: https://www.securityweek.com/ivanti-sentry-exploitation-attempts-hitting-honeypots/ :: RANSOMWARE AND CYBERCRIME 3. 400 ARCH LINUX AUR PACKAGES HIJACKED [supply-chain, malware] Last 24h: Attackers rewrote build scripts in more than 400 Arch User Repository packages this week to drop a Rust infostealer and an eBPF rootkit. The AUR is Arch Linux's community package collection, where build scripts run on a user's own machine. The hijacked packages install a Rust binary that harvests developer credentials and access tokens, and with root it loads an eBPF rootkit to hide itself. Developers who built any AUR package this week should rotate secrets and inspect their systems for the rootkit. - The Hacker News: https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html - BleepingComputer: https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/ 4. POLICE HIT CRYPTO LAUNDERING AND PHISHING NETWORKS [ransomware, law-enforcement] Last 24h: Europol dismantled AudiA6, a crypto-laundering service that washed over €336 million for ransomware gangs, as a Ukrainian pleaded guilty to Conti charges and INTERPOL's Operation Ramz felled the Sniper Dz phishing platform. AudiA6 laundered more than €336 million (~$389 million) in ransomware and cybercrime proceeds between 2022 and 2025 before authorities seized it. INTERPOL's Operation Ramz arrested 201 people across 13 MENA countries and shut the decade-old Sniper Dz PhaaS platform. A Ukrainian national extradited from Ireland admitted conspiracy tied to Conti, extending the pressure on ransomware money flows. - Help Net Security: https://www.helpnetsecurity.com/2026/06/12/europol-audia6-crypto-laundering-service-ransomware-groups/ - The Hacker News: https://thehackernews.com/2026/06/interpol-takes-down-sniper-dz-phishing.html - BleepingComputer: https://www.bleepingcomputer.com/news/security/ukrainian-national-pleads-guilty-to-role-in-conti-ransomware-operation/ :: AI SECURITY 5. GOOGLE SUES CHINA-BASED GEMINI SMISHING NETWORK [ai, phishing, fraud] Last 24h: Google sued Outsider Enterprise, a China-based network it accuses of weaponizing its Gemini AI to run a phishing-as-a-service kit that blasted scam texts at Americans. The operation built the Outsider PhaaS kit and used Gemini to generate phishing sites and scam infrastructure, linked to more than 9,000 fake sites and a million fraudulent URLs. Google estimates hundreds of thousands of victims and millions of dollars in losses. The suit marks a push to wield civil litigation against criminals who industrialize fraud with AI. - The Hacker News: https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html - Help Net Security: https://www.helpnetsecurity.com/2026/06/12/google-china-based-cybercrime-network-lawsuit/ 6. NEW ATTACKS TARGET AI CODING AGENTS [ai, vulnerability, rce] Last 24h: Researchers detailed Agentjacking, which tricks AI coding agents into running arbitrary code through fake Sentry error reports, and a LangGraph vulnerability chain enabling remote code execution. Tenet Security's Agentjacking abuses crafted Sentry error reports to push AI coding agents into executing attacker code on developer machines. Three now-patched LangGraph flaws, including an SQL injection, chain into remote code execution on self-hosted AI agents. The findings show autonomous agents widening the attack surface as they read documents, call APIs, and run code. Teams running self-hosted agents should patch LangGraph and constrain agent execution. - The Hacker News: https://thehackernews.com/2026/06/agentjacking-attack-tricks-ai-coding.html - The Hacker News: https://thehackernews.com/2026/06/langgraph-flaw-chain-exposes-self.html :: NATION-STATE ACTIVITY 7. VELVET ANT BACKDOORED LINUX LOGIN FOR A DECADE [apt, espionage] Last 24h: Sygnia disclosed that the China-linked Velvet Ant group backdoored the PAM and OpenSSH components governing Linux logins, hiding for close to ten years. Velvet Ant planted its access in the authentication layer that decides who may sign in, where routine cleanup could not reach. Sygnia tracks the group as a China-nexus actor built for long-term espionage. Defenders should audit PAM modules and OpenSSH binaries for tampering across critical infrastructure. - The Hacker News: https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html :: DATA BREACHES 8. RECORD PRIVACY FINES AND FRESH BREACHES PILE UP [breach, policy, fine] Last 24h: South Korea fined Coupang a record $409 million over a data breach, a bankruptcy administrator approved a $47 million fund for 23andMe victims, and Novo Nordisk and France's Tchap messenger disclosed new breaches. Coupang's $409 million penalty is the largest ever from the commission, topping a $88.8 million fine against SK Telecom earlier this year. The 23andMe fund compensates 7 million customers whose genetic data leaked starting April 2023, much of it posted to the dark web. Novo Nordisk, the world's largest insulin maker, exposed clinical-trial patient data, and a breach of France's Tchap encrypted messenger hit over 73,000 public-sector accounts. Regulators and courts keep raising the cost of weak data stewardship. - The Record: https://therecord.media/south-korea-data-breach-record-fine-coupang - The Record: https://therecord.media/bankruptcy-admin-approves-settlement-for-23andme-breach-victims - BleepingComputer: https://www.bleepingcomputer.com/news/security/pharmaceutical-giant-novo-nordisk-discloses-security-breach/ - BleepingComputer: https://www.bleepingcomputer.com/news/security/french-govt-says-tchap-breach-affected-over-73-000-accounts/ BUSINESS AND POLITICS ---------------------------------------------------------------- * The United States and Iran agreed the text of a peace deal, Pakistan's prime minister said, with both sides expecting to sign within days; the accord would dismantle Iran's nuclear program in return for sanctions relief and reopen the Strait of Hormuz. Oil settled at three-month lows and Treasury yields fell on the week as the energy shock eased. - FT World: https://www.ft.com/content/b91fc27b-8e50-48c1-b9e6-0c93aea19b76 - FT World: https://www.ft.com/content/9d8b31b0-1269-458e-b831-9b5e079e564e * SpaceX jumped nearly a fifth on its trading debut to a $2.1 trillion valuation after raising $75 billion in the largest initial public offering on record, making Elon Musk the world's first trillionaire as investors bought into the rocket-and-AI vision. - FT Markets: https://www.ft.com/content/16387550-4d13-4d2d-b487-c4f6f4a5e9c8 - WSJ US Business: https://www.wsj.com/business/spacex-now-worth-2-1-trillion-pulls-off-goldilocks-debut-bcc59ace?mod=pls_whats_news_us_business_f PITTSBURGH ---------------------------------------------------------------- Weather: Tonight: Mostly Clear, low 60F. Saturday: Sunny, high 86F. Saturday Night: Partly Cloudy, low 64F. Sports: PIRATES (35-35) Jun 11: Dodgers 8 Pirates 6 Final Ohtani homers, leaves game with left knee inflammation in Dodgers' 8-6 win over Pirates https://plaintextsports.com/mlb/2026-06-11/lad-pit Jun 12: Marlins 8 Pirates 3 Final https://plaintextsports.com/mlb/2026-06-12/mia-pit Headlines: Marlins bring 5-game win streak into matchup with the Pirates 2026 MLB ABS challenge system tracker: Team, player rankings Business: * Pittsburgh's Urban Redevelopment Authority won a $250,000 grant to upgrade Smithfield Street downtown and has hired an architect to transform the boarded-up storefronts below the park. - WPXI: https://www.wpxi.com/news/local/pittsburgh-receives-250k-grant-use-upgrades-smithfield-street/5S77JUWTAFD7RO6YKCCQ2B4LBM/ * Pennsylvania's Public Utility Commission will hold three public hearings on the proposed $32.8 million sale of the water authority serving the Donegal area and several Fayette County communities to the state's largest private water utility. - TribLive: https://triblive.com/local/westmoreland/puc-to-hold-hearings-on-donegal-area-water-company-sale/ * First National Bank closed its branch on Tarentum Bridge Road and referred customers to other locations. - TribLive: https://triblive.com/local/valley-news-dispatch/fnb-along-tarentum-bridge-road-closed-customers-referred-to-other-branches/ Around town: * Mister Rogers' Neighborhood arrived on YouTube with its first dedicated channel, offering full episodes, livestreams, and clips of the Pittsburgh-made program to viewers worldwide. - KDKA: https://www.cbsnews.com/pittsburgh/news/mister-rogers-neighborhood-youtube-channel-launches/ * Pittsburgh officials want to open a 110-year-old time capsule that Mayor Joseph Armstrong placed in the City-County Building in 1916, holding newspaper clippings, a Bible, and city and national flags; they cannot find it. - KDKA: https://www.cbsnews.com/pittsburgh/news/pittsburgh-missing-time-capsule-city-county-building/ * Monroeville's mayor says the timeline for demolishing Monroeville Mall remains uncertain, with no formal plans yet submitted. - WTAE: https://www.wtae.com/article/monroeville-mall-demolition-timeline-uncertain/71572476 * South Greensburg will ask voters to shrink its borough council, part of officials' push for a smaller local government. - TribLive: https://triblive.com/local/westmoreland/south-greensburg-asks-voters-to-reduce-size-of-council/ Events: * The Three Rivers Arts Festival enters its final weekend at its new home, Arts Landing in the Cultural District, where vendors report a warm reception after Thursday's storms cleared. - KDKA: https://www.cbsnews.com/pittsburgh/news/vendors-approve-three-rivers-arts-festival/ * Seton Hill University in Greensburg hosts the annual Jane Austen Summer Program, a four-day symposium of lectures, small-group discussions, and a formal ball. - TribLive: https://triblive.com/local/westmoreland/seton-hill-site-of-symposium-on-jane-austen/ * 1846 Farms in Westmoreland County hosts the Luke Bryan Farm Tour, the property's first major concert. - WTAE: https://www.wtae.com/article/luke-bryan-farm-tour-pennsylvania-1846-farms/71564381 * Butler County, where the Bantam Jeep was designed, marks the vehicle's heritage with a weekend of Jeep gatherings for owners and enthusiasts. - WPXI: https://www.wpxi.com/news/local/family-affair-butler-county-residents-celebrate-history-jeeps-their-community/X6MDOLVJ7ZAA3AVFHMG2Q6RVUI/ READING ---------------------------------------------------------------- * Ed Zitron -- Premium: The Silicon Valley Bubble (Part 1) Zitron argues the AI era is ending as OpenAI and Anthropic both file to go public, racing for exit liquidity while burning billions a year with no path to profitability. https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-1/ * Stratechery -- Fable 5, Anthropic Alignment, AI Tiers Reviews Anthropic's Fable 5, the public version of Mythos, judging it highly capable while warning that it sets troubling new precedents. https://stratechery.com/2026/fable-5-anthropic-alignment-ai-tiers/ * Stratechery -- The iPhone's Last Stand Contends Apple's revamped Siri, short of state of the art, works well enough to satisfy the consumer market and carry the iPhone forward. https://stratechery.com/2026/the-iphones-last-stand/ * Cal Newport -- Why Isn't AI Taking Our Jobs? Newport asks why AI has yet to eliminate jobs despite industry leaders comparing it to industrial automation, probing the limits of the brawn-to-brains analogy. https://calnewport.com/why-isnt-ai-taking-our-jobs/ ================================================================ Generated 2026-06-12 21:32 EDT. Sources: 18 security feeds; 9 Pittsburgh feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================