================================================================
INFOSECFOLLOW -- security, markets, business, pittsburgh
Sunday, June 14, 2026
================================================================

An Oracle PeopleSoft zero-day is bleeding gigabytes from hundreds of organizations as Washington forces Anthropic to pull its two newest AI models offline worldwide.

CONTENTS: Emerging Trends | Security | Business and Politics | Pittsburgh | Sports | Reading | Markets

EMERGING TRENDS
----------------------------------------------------------------
* Weaponized AI: AI sits on both sides of the fight this week, from Washington pulling Anthropic's Fable 5 and Mythos 5 offline to Google suing a Gemini-powered smishing ring and Agentjacking tricking coding agents into running attacker code.
* Decade-Long Footholds: Broken authentication that lingered for years surfaced all at once—Velvet Ant's ten years in Linux login, a decade-old phpBB auth bypass, and Check Point's exploited VPN bypass—proving how long access flaws hide.
* Poisoned Repositories: Supply-chain footholds keep moving upstream, with attackers hijacking 400-plus Arch AUR packages and npm 12 preparing to stop running dependency scripts by default.
* Breach Bills: Regulators and courts are pricing breaches steeply this week, from Coupang's record $409 million Korean fine to a $47 million 23andMe victim settlement.

SECURITY
----------------------------------------------------------------

:: VULNERABILITIES AND EXPLOITS

1. ORACLE PEOPLESOFT ZERO-DAY (CVE-2026-35273) [zero-day, exploit, breach]
   Last 24h: CISA added CVE-2026-35273 to its known-exploited catalog and ordered federal agencies to patch under Binding Operational Directive 26-04.
   A missing-authentication flaw in Oracle PeopleSoft Enterprise PeopleTools lets attackers reach critical functions with no credentials.
   The ShinyHunters crew has exploited it to steal gigabytes from hundreds of organizations, hitting American universities hardest because so many run PeopleSoft for HR and finance. Apply Oracle's fix at once and hunt logs for bulk data exfiltration.
   - Ars Technica Security: https://arstechnica.com/security/2026/06/peoplesoft-0-day-affecting-hundreds-of-organizations-steals-gigabytes-of-data/
   - Dark Reading: https://www.darkreading.com/vulnerabilities-threats/shinyhunters-oracle-zero-day-higher-ed
   - CISA Advisories: https://www.cisa.gov/news-events/alerts/2026/06/12/cisa-adds-one-known-exploited-vulnerability-catalog

2. CHECK POINT VPN AUTH BYPASS (CVE-2026-50751) [zero-day, patch, vpn]
   Last 24h: WatchTowr released a technical analysis and a detection-artefact generator for CVE-2026-50751, raising the odds of a broad opportunistic wave.
   The authentication-bypass flaw in Check Point Remote Access VPN and Mobile Access lets attackers walk past login. Check Point patched it June 8, 2026, and confirmed limited active exploitation before the disclosure. Now that working detection tooling and analysis sit in public view, expect wider scanning and attacks. Patch immediately and review VPN authentication logs.
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/12/cve-2026-50751-poc-exploit/
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/14/week-in-review-exploited-check-point-vpn-zero-day-oracle-peoplesoft-servers-under-attack/

3. CRITICAL SPLUNK ENTERPRISE RCE (CVE-2026-20253) [rce, patch]
   Last 24h: Splunk shipped fixes for CVE-2026-20253, a 9.8 flaw that lets unauthenticated users run code.
   In Splunk Enterprise below versions 10.2.4 and 10.0.7, an unauthenticated user can create or truncate arbitrary files and escalate to remote code execution. Splunk often sits at the center of a security operations center, so a compromise hands attackers the monitoring system itself. Upgrade to a fixed release now.
   - The Hacker News: https://thehackernews.com/2026/06/critical-splunk-enterprise-flaw-lets.html

:: AI SECURITY

4. U.S. PULLS ANTHROPIC'S FABLE 5 AND MYTHOS 5 OFFLINE [ai, policy, export-controls]
   Last 24h: Anthropic disabled Fable 5 and Mythos 5 globally after a 5:21 p.m. federal order barred all foreign-national access.
   The Trump administration invoked export controls and cited national security plus a jailbreak to bar every foreign national, inside or outside the United States, from the two models. Anthropic complied and suspended both worldwide, yet disputes the basis, calling the jailbreak narrow and the capability common elsewhere. The directive knocked Anthropic's most advanced systems offline for all users. Industry voices split over dual-use risk, safeguards, and tiered access.
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/us-gov-asks-anthropic-to-ban-foreign-national-access-to-fable-mythos/
   - The Hacker News: https://thehackernews.com/2026/06/us-orders-anthropic-to-suspend-fable-5.html
   - SecurityWeek: https://www.securityweek.com/anthropic-says-it-has-taken-its-latest-ai-models-offline-to-comply-with-new-export-controls/

5. GOOGLE SUES CHINA-BASED GEMINI SMISHING NETWORK [ai, phishing, cybercrime]
   Last 24h: Google filed suit against Outsider Enterprise, accusing it of weaponizing Gemini to mass-produce phishing infrastructure.
   The China-based network runs a phishing-as-a-service kit called Outsider and leaned on Google's Gemini agent to build phishing sites and scam infrastructure aimed at Americans. Google ties the group to more than 9,000 fake websites, a million fraudulent URLs, and hundreds of thousands of victims with losses in the millions of dollars. The lawsuit pairs civil claims with takedown pressure on the operation.
   - The Hacker News: https://thehackernews.com/2026/06/google-sues-chinese-smishing-network.html
   - Help Net Security: https://www.helpnetsecurity.com/2026/06/12/google-china-based-cybercrime-network-lawsuit/

:: NATION-STATE ACTIVITY

6. VELVET ANT'S DECADE IN THE LINUX LOGIN STACK [apt, china, persistence]
   Last 24h: Sygnia detailed how the China-nexus group Velvet Ant backdoored PAM and OpenSSH to hide for nearly ten years.
   Velvet Ant seized a target's authentication stack, planting implants in the PAM and OpenSSH components that decide who signs in, and held persistence for a decade with full view of administrative activity. The targeted network had no internet access, yet routine cleanup never reached binaries buried that deep. Defenders should verify the integrity of login binaries and authentication modules rather than trust them.
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/chinese-hackers-hijack-auth-flow-spy-on-isolated-network-for-a-decade/
   - The Hacker News: https://thehackernews.com/2026/06/china-linked-hackers-backdoored-linux.html

:: SUPPLY CHAIN SECURITY

7. 400-PLUS ARCH LINUX AUR PACKAGES HIJACKED [supply-chain, rootkit, infostealer]
   Last 24h: Attackers rewrote build scripts across more than 400 Arch User Repository packages to drop a credential stealer.
   The malware is a Rust binary that harvests developer secrets and access tokens, and with root it loads an eBPF rootkit to hide itself. Any machine that builds a poisoned package executes the code during the build. The AUR is Arch Linux's community collection, separate from official repositories and largely user-trusted. Rebuild from clean sources and rotate every credential the build host touched.
   - The Hacker News: https://thehackernews.com/2026/06/over-400-arch-linux-aur-packages.html
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/over-400-arch-linux-packages-compromised-to-push-rootkit-infostealer/

:: DATA BREACHES

8. REGULATORS AND COURTS TALLY THE COST OF BREACHES [breach, fine, policy]
   Last 24h: South Korea fined Coupang a record $409 million while a US bankruptcy administrator approved a $47 million 23andMe settlement fund.
   South Korea's privacy commission levied its largest-ever data-breach penalty, $409 million against Coupang, topping the $88.8 million SK Telecom fine from earlier this year. In the United States, an administrator approved a $47 million fund for 7 million 23andMe customers whose genetic data hackers stole starting April 2023 and posted to the dark web. Novo Nordisk, the world's largest insulin maker, separately disclosed a breach exposing clinical-trial patient data.
   - The Record: https://therecord.media/south-korea-data-breach-record-fine-coupang
   - The Record: https://therecord.media/bankruptcy-admin-approves-settlement-for-23andme-breach-victims
   - BleepingComputer: https://www.bleepingcomputer.com/news/security/pharmaceutical-giant-novo-nordisk-discloses-security-breach/

BUSINESS AND POLITICS
----------------------------------------------------------------
* SpaceX completed the largest initial public offering in history at a $2.1 trillion valuation, making Elon Musk the world's first trillionaire. An army of do-it-yourself traders bought roughly $118 million of stock on the first day, and the smooth debut steadied otherwise jittery markets.
  - WSJ Markets: https://www.wsj.com/business/spacex-now-worth-2-1-trillion-pulls-off-goldilocks-debut-bcc59ace?mod=rss_markets_main
  - WSJ Markets: https://www.wsj.com/finance/stocks/spacexs-retail-powered-debut-helps-steady-shaky-markets-2e52cbee?mod=rss_markets_main
* President Trump said the United States and Iran will sign an agreement Sunday to reopen the Strait of Hormuz, the chokepoint for a fifth of seaborne oil, though Tehran cautioned that the timing remains uncertain. The deal would cap an escalation that a U.S. helicopter crash had set off.
  - FT World: https://www.ft.com/content/726f4afe-c3ff-4ec0-bfc9-b572b419e11f
  - WSJ World News: https://www.wsj.com/world/middle-east/iran-war-peace-talks-what-happened-d033900f
* U.S. headline annual inflation climbed to 4.2%, the highest since April 2023, tightening the squeeze on the Federal Reserve as a wait-and-see stance risks repeating the policy errors of 2008.
  - FT Markets: https://www.ft.com/content/20509c5d-e995-4670-83f5-d3d705671ee1
  - FT World: https://www.ft.com/content/01c5ea35-a0fa-469f-b8bb-356d98c05fb0
* China is preparing a cross-border digital payments platform to challenge the dollar, with the central banks of Hong Kong, Thailand, the United Arab Emirates, and Saudi Arabia backing it.
  - FT Markets: https://www.ft.com/content/76de5ca6-9ae8-49ae-a0cb-64d09040f327

PITTSBURGH
----------------------------------------------------------------
Weather:
  Today: Chance Showers And Thunderstorms, high 84F.
  Tonight: Showers And Thunderstorms then Mostly Cloudy, low 56F.
  Monday: Mostly Sunny, high 71F.

Business:
* Alcosan began a billion-dollar tunnel beneath the Ohio River, the opening piece of a ten-year program to overhaul the region's sewer and stormwater system and reshape Pittsburgh's waterways.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/local/region/2026/06/14/alcosan-ohio-river-tunnel-pittsburgh-water/stories/202606120073
* Area businesses are voicing concern over Allegheny County's proposed paid parental leave policy, pointing to added cost and the burden of compliance.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/health/2026/06/14/paid-parental-leave-allegheny-county/stories/202606110032
* A Pittsburgh restaurant gutted by fire more than two years ago will sell its building, abandoning its plans to reopen.
  - WPXI: https://www.wpxi.com/news/local/pittsburgh-restaurant-destroyed-by-fire-sell-its-building-after-being-unable-reopen/QAWE4U7CCZBSBPO4LHQBLARBAM/

Around town:
* Forecasters flagged Sunday as an Impact Day for western Pennsylvania, with scattered afternoon and evening thunderstorms; damaging winds pose the leading threat between 3 p.m. and 8 p.m.
  - WTAE: https://www.wtae.com/article/impact-day-scattered-afternoon-thunderstorms-for-western-pa/71580602
* A water main break buckled a road in Forest Hills, and crews closed the crumbling stretch Saturday.
  - WPXI: https://www.wpxi.com/news/local/crumbling-road-closed-after-water-main-break-forest-hills/XEBP2OBCZRD3XED2BQ4HDSAN2I/
* A crash and vehicle fire briefly shut down westbound Interstate 376 in Robinson Township before crews reopened the lanes.
  - WPXI: https://www.wpxi.com/news/local/crash-closes-westbound-i-376-robinson-township-vehicle-catches-fire/G4VIMJCXKRGJJK2G3OLQKYCFRU/
* A year after catastrophic flooding, rebuilding crawls in tiny Triadelphia, West Virginia, and residents there still carry the trauma.
  - Pittsburgh Post-Gazette: https://www.post-gazette.com/news/weather-news/2026/06/14/triadelphia-west-virginia-flood-recovery/stories/202606120055

Events:
* Living Dead Weekend draws horror fans to the Monroeville Mall, the setting of George Romero's 'Dawn of the Dead,' through Sunday.
  - WPXI: https://www.wpxi.com/news/local/zombie-fans-flock-monroeville-mall-living-dead-weekend/5H36BF3UCJFZ5B5KVBXG3GQIEM/

SPORTS
----------------------------------------------------------------
Pirates (36-35)
Sat Jun 13 · Marlins 2 · Pirates 3 · Final
Spencer Horwitz hit by pitch with the bases loaded to lift the Pirates past the Marlins, 3-2
https://plaintextsports.com/mlb/2026-06-13/mia-pit
Up Next · Marlins @ Pirates · Sun Jun 14, 12:15 PM
https://plaintextsports.com/mlb/2026-06-14/mia-pit
Headlines:
· Miami Marlins vs. Pittsburgh Pirates: Game Highlights
· Marlins try to extend road win streak in matchup against the Pirates

READING
----------------------------------------------------------------
* Ed Zitron -- Premium: The Silicon Valley Bubble (Part 1)
  Zitron argues the AI era is ending as OpenAI and Anthropic both file to go public, racing for exit liquidity despite burning billions a year with no path to profitability.
  https://www.wheresyoured.at/premium-the-silicon-valley-bubble-part-1/
* Stratechery -- Fable 5, Anthropic Alignment, AI Tiers
  Thompson examines Fable 5, the public version of Mythos, judging it highly capable while warning that it establishes troubling new precedents around alignment and AI tiers.
  https://stratechery.com/2026/fable-5-anthropic-alignment-ai-tiers/
* Cal Newport -- Why Isn’t AI Taking Our Jobs?
  Newport probes why AI has yet to eliminate work, questioning the industry's habit of comparing the technology to the industrial automation that displaced manual labor.
  https://calnewport.com/why-isnt-ai-taking-our-jobs/

MARKETS (weekly average, change vs prior week)
----------------------------------------------------------------
S&P 500      7,377.03   ▼ -2.2%
Dow         50,725.58   ▼ -0.7%
Nasdaq      25,695.30   ▼ -3.8%
WTI crude       88.42   ▼ -5.0%
EUR/USD        1.1550   ▼ -0.4%
GBP/USD        1.3363   ▼ -0.6%
USD/JPY        160.31   ▲ +0.3%

================================================================
Generated 2026-06-14 06:02 EDT.
Sources: 18 security feeds; 9 Pittsburgh feeds; the Wall Street Journal, the Economist, and the Financial Times; and Ed Zitron, Stratechery, Cal Newport.
Markets from Yahoo Finance, weather from the NWS, scores from ESPN.
Summaries are AI-generated from the linked reporting; verify at the sources.
================================================================