================================================================ INFOSECFOLLOW -- security, markets, business, pittsburgh Sunday, June 14, 2026 ================================================================ The FBI and Google dismantled a China-based AI-powered phishing service spanning a million URLs as a critical unauthenticated flaw in Splunk Enterprise forced urgent patching. CONTENTS: Emerging Trends | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets EMERGING TRENDS ---------------------------------------------------------------- * AI's Double Edge: AI now drives both sides of the contest—it powered the Outsider phishing factory and the Zcash bug hunt while DockSec folds it into container defense. * China Nexus: China-based operators surfaced again as the FBI traced the Outsider phishing service to China and Velvet Ant's decade-long authentication hijack stayed in view. * Enterprise RCE: Unauthenticated remote code execution keeps battering core enterprise platforms, with Splunk Enterprise joining the week's Oracle PeopleSoft and Check Point VPN flaws. * AI Governance: Political pressure to control AI mounts as Sanders floats a sovereign wealth fund and Washington's export order keeps Anthropic's top models offline. SECURITY ---------------------------------------------------------------- :: RANSOMWARE AND CYBERCRIME 1. FBI DISMANTLES AI-POWERED OUTSIDER PHISHING SERVICE [phishing, ai, takedown] Latest developments: The FBI, Google, and Black Lotus Labs dismantled Outsider Enterprise, the China-based phishing-as-a-service operation that ran thousands of sites across a million URLs, days after Google's lawsuit against the same network. Outsider Enterprise weaponized Google's Gemini AI to mass-produce phishing pages that harvested credit card numbers and passwords from Americans. Investigators seized thousands of phishing websites tied to roughly a million URLs. Google sued the network earlier in the week, and the FBI partnership escalated the case to operational disruption. Organizations should hunt for credential theft and reset any exposed accounts. - BleepingComputer: https://www.bleepingcomputer.com/news/security/fbi-disrupts-massive-ai-powered-phishing-service-using-a-million-urls/ :: VULNERABILITIES AND EXPLOITS 2. CRITICAL SPLUNK ENTERPRISE FLAW ENABLES UNAUTHENTICATED RCE [vulnerability, patch, rce] Latest developments: Splunk patched CVE-2026-20253, a 9.8-severity flaw that lets an unauthenticated attacker create or truncate arbitrary files and reach remote code execution. The vulnerability affects Splunk Enterprise versions below 10.2.4 and 10.0.7. An unauthenticated user could perform arbitrary file operations, opening a path to full remote code execution on the analytics platform many enterprises run for security monitoring. Splunk released fixes, and administrators should upgrade immediately. - The Hacker News: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html :: POLICY AND REGULATION 3. SANDERS PITCHES AN AI SOVEREIGN WEALTH FUND [policy, ai] Latest developments: Senator Bernie Sanders proposed an AI sovereign wealth fund in the New York Times, arguing a handful of billionaires should not determine humanity's future with no democratic input. Writing in the New York Times, Sanders asked whether a few billionaires who built AI should grow even richer and more powerful with no democratic check. Security technologist Bruce Schneier amplified the framing, tying it to the questions of AI and democracy raised in his book Rewiring Democracy. The proposal would channel AI-driven wealth into public hands. It signals rising political pressure to govern AI's economic concentration. - Schneier on Security: https://www.schneier.com/blog/archives/2026/06/bernie-sanders-ai-sovereign-wealth-fund-plan.html :: AI SECURITY 4. DOCKSEC ADDS AN AI LAYER TO CONTAINER SCANNING [ai, tooling, supply chain] Latest developments: DockSec, an OWASP incubator project, combines Trivy, Hadolint, and Docker Scout with a language-model layer that explains and remediates Dockerfile and image findings. Advait Patel created the open-source Python tool, which runs three container scanners, correlates their results, and returns a 0-100 security score alongside language-model explanations. It targets developers hardening Docker images. The project shows defenders folding AI into routine supply chain checks. - Help Net Security: https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/ BUSINESS AND POLITICS ---------------------------------------------------------------- * Iran Deal Hangs on Beirut Strike Latest developments: Iran threatened to quit the talks and retaliate after Israel hit what it called a Hezbollah command center in Beirut, and Trump warned every side against further attacks hours before the Sunday signing. Israel struck Beirut's outskirts as Washington and Tehran neared a deal to end their war and reopen the Strait of Hormuz, an accord both sides expected to sign June 14. A collapse would swing the conflict back from ceasefire toward escalation and put the world's busiest oil chokepoint back in play. - FT World: https://www.ft.com/content/ce9286fb-b37c-4113-9ec3-0464144c4977 - WSJ World News: https://www.wsj.com/world/middle-east/iran-threatens-to-pull-out-of-talks-after-israel-strikes-beiruts-outskirts-d0390e22 * Warsh Chairs First Fed Meeting Latest developments: Kevin Warsh gavels his first Federal Open Market Committee meeting this week, the debut markets will parse for rate signals with annual inflation at 4.2%, the highest since April 2023. Warsh leads the Federal Reserve's policy meeting under pressure over the central bank's wait-and-see stance as an energy shock and AI-driven spending strain the economy. Investors will judge his independence and read his early tone on the path for rates. - FT World: https://www.ft.com/content/c17424f0-244e-45f4-b1d7-a0ffcebc4cf0 - FT World: https://www.ft.com/content/0b984a9e-8ea5-48e5-98cc-5d9751a118a3 PITTSBURGH ---------------------------------------------------------------- Weather: This Afternoon: Showers And Thunderstorms Likely, high 84F. Tonight: Showers And Thunderstorms then Mostly Cloudy, low 56F. Monday: Partly Sunny, high 71F. Business: * Crime Victim Funds Face Cuts Latest developments: Pennsylvania's crime victim services brace for funding cuts as federal white-collar prosecutions, the source of the fines that bankroll those programs, fall under the Trump administration. Victim service agencies across the state draw on penalties collected in federal white-collar cases. With those prosecutions down, the pool shrinks, squeezing counseling, shelter, and court-advocacy programs statewide. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/social-services/2026/06/14/victim-services-pennsylvania/stories/202606110006 * Shadyside Victorian Hits Market Latest developments: A Queen Anne Victorian at 719 Amberson Ave. in West Shadyside, host to decades of piano concerts and standing since 1885, has come up for sale. The home has survived nearly 150 years of a shifting neighborhood and the rise and fall of steel, kept preserved where many nearby historical houses drew lesser renovations. - Pittsburgh Magazine: https://www.pittsburghmagazine.com/hot-property-719-amberson-ave-shadyside/ Around town: * Cellphone Law Brings 700 Fines Latest developments: State police have fined nearly 700 drivers for holding a phone since Pennsylvania's Paul Miller Law took effect. The Paul Miller Law bars holding a cellphone while driving. Troopers issued close to 700 citations, a sign the grace period has given way to active enforcement. - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/transportation/2026/06/14/cellphone-ban-tickets-paul-miller-law-fine/stories/202606140071 * Student Bikes 1,200 Miles to World Cup Latest developments: A western Pennsylvania college student rode 1,200 miles from Pittsburgh to Texas, surviving six flat tires, to watch his favorite team play in the World Cup. The trip carried him across half the country on a bicycle for a single soccer match, a feat of endurance built around the tournament's U.S. run. - WTAE: https://www.wtae.com/article/western-pa-student-bikes-world-cup-match/71580228 * Irwin Priest Honored With Plaque Latest developments: Supporters of the late Rev. John Moineau will dedicate a memorial plaque on the Church Alley street sign behind Immaculate Conception Church in Irwin. Moineau served the Westmoreland County parish, and backers arranged the marker on the alley sign behind the church to keep his memory in place. - TribLive: https://triblive.com/local/westmoreland/rev-john-moineau-late-irwin-priest-to-be-memoralized-with-plaque-on-street-sign/ Events: * Honeck Extends With Pittsburgh Symphony Latest developments: Manfred Honeck signed a contract extension with the Pittsburgh Symphony Orchestra that will carry his run as music director to 25 years. Honeck, the orchestra's music director, locked in a deal keeping him on the PSO podium and reaching a quarter-century leading one of the country's top ensembles. - Post-Gazette Arts & Entertainment: https://www.post-gazette.com/ae/music/2026/06/10/manfred-honeck-pso-contract/stories/202606100041 * App Maps Pittsburgh Film Locations Latest developments: A new app, PastFinders, guides users to Pittsburgh movie locations, including the downtown spots where 'The Dark Knight Rises' filmed. The self-guided tour lets visitors stand where scenes from 'The Dark Knight Rises' and other films shot around the city, a walk through Pittsburgh's screen history available anytime. - Post-Gazette Arts & Entertainment: https://www.post-gazette.com/ae/movies/2026/06/11/pittsburgh-film-tour-app-pastfinders/stories/202605290043 SPORTS ---------------------------------------------------------------- Pirates (36-36) Sat Jun 13 · Marlins 2 · Pirates 3 · Final Spencer Horwitz hit by pitch with the bases loaded to lift the Pirates past the Marlins, 3-2 https://plaintextsports.com/mlb/2026-06-13/mia-pit Sun Jun 14 · Marlins 4 · Pirates 2 · Final Meyer outduels Skenes, allows one run in six innings as Marlins top Pirates 4-2 https://plaintextsports.com/mlb/2026-06-14/mia-pit Up Next · Pirates @ Athletics · Mon Jun 15, 9:40 PM https://plaintextsports.com/mlb/2026-06-15/pit-ath Around the Teams: * Pirates Call Up Antwone Kelly Latest developments: The Pirates are promoting No. 7 prospect Antwone Kelly to shore up a leaky bullpen, the Post-Gazette reported. Pittsburgh turned to Kelly, the Aruba-born reliever and one of its top prospects, after a string of late-inning failures put the relief corps under strain. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/12/pirates-bullpen-antwone-kelly-debut-aruba-1/stories/202606120034 * Porter Jr. Contract Talks in Focus Latest developments: On the Steelers' SNR Drive, Matt Williamson, Wes Uhler, and Chris Adamski weighed Joey Porter Jr.'s contract talks and how the cornerback room is shaping up as OTAs closed. The team's podcast sized up the corner group built around the young first-rounder, framing his next deal as a question hanging over the secondary heading into camp. - Pittsburgh Steelers (YouTube): https://www.youtube.com/watch?v=orGyCWl5kYI * Heyward Marks Herbig's Contract Latest developments: On Not Just Football, Cam Heyward celebrated teammate Nick Herbig's new contract, calling the payoff 20 years in the making. Heyward's podcast spotlighted the Steelers linebacker, casting Herbig's deal as the reward for a long climb of hard work. - Not Just Football with Cam Heyward: https://www.youtube.com/shorts/0rfyueiCpE4 * Steelers Eye Interchangeable Safeties Latest developments: The Post-Gazette reports the Steelers will follow the NFL's drift toward interchangeable safeties under Mike McCarthy. The league increasingly asks both safeties to cover, blitz, and play deep, and Pittsburgh plans a versatile back end with DeShon Elliott among the pieces. - Post-Gazette Steelers: https://www.post-gazette.com/sports/steelers/2026/06/11/safety-ramsey-deshon-elliott-nfl-mccarthy-graham/stories/202606110040 * Six Pirates Lessons Vs. the Best Latest developments: The Post-Gazette's Off The Bat drew six lessons from the Pirates' six games against the Dodgers and Braves. After facing baseball's top teams, the column gauged where Pittsburgh stands, from Paul Skenes's brilliance to Mitch Keller's struggles and the offense's gaps against elite pitching. - Post-Gazette Pirates: https://www.post-gazette.com/sports/pirates/2026/06/13/dodgers-braves-lowe-skenes-keller-ohtani/stories/202606120035 READING ---------------------------------------------------------------- * Ed Zitron -- Premium: The Silicon Valley Bubble (Part 1) Zitron argues Silicon Valley is nearing the end of an era as OpenAI and Anthropic file to go public, casting the IPOs as a race for exit liquidity by money-losing firms he sees as having no path to profit. https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-1/ * Stratechery -- An Interview with Ben Bajarin About Apple, AI, and Compute Ben Thompson and Ben Bajarin discuss Apple's WWDC and the state of the AI compute industry. https://stratechery.com/2026/an-interview-with-ben-bajarin-about-apple-ai-and-compute/ * Cal Newport -- Why Isn't AI Taking Our Jobs? Newport probes the analogy between AI and industrial automation, asking why the predicted wave of AI-driven job losses has yet to arrive. https://calnewport.com/why-isnt-ai-taking-our-jobs/ MARKETS (weekly average, change vs prior week) ---------------------------------------------------------------- S&P 500 7,377.03 ▼ -2.2% Dow 50,725.58 ▼ -0.7% Nasdaq 25,695.30 ▼ -3.8% WTI crude 88.42 ▼ -5.0% EUR/USD 1.1550 ▼ -0.4% GBP/USD 1.3363 ▼ -0.6% USD/JPY 160.31 ▲ +0.3% ================================================================ Generated 2026-06-14 16:03 EDT. Sources: 22 security feeds; 9 Pittsburgh feeds; 4 Pittsburgh arts and events feeds; 6 Pittsburgh sports beat and podcast feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport. Markets from Yahoo Finance, weather from the NWS, scores from ESPN. Summaries are AI-generated from the linked reporting; verify at the sources. ================================================================