Daily plain-text briefing: security, markets, business, and Pittsburgh
Attackers hammered VPNs and remote-access tools through fresh zero-days while AI gateways, assistants, and the models themselves emerged as the day's newest battlegrounds.
Latest developments: Palo Alto Networks confirmed active exploitation of CVE-2026-0257, an authentication-bypass flaw in PAN-OS GlobalProtect portals and gateways; SimpleHelp disclosed a bug that lets unauthenticated attackers mint privileged technician accounts through OIDC; and CISA added Cisco Catalyst SD-WAN Manager CVE-2026-20262 and LiteSpeed cPanel plugin CVE-2026-54420 to its Known Exploited Vulnerabilities catalog.
GlobalProtect is Palo Alto's enterprise VPN, and CVE-2026-0257 lets attackers bypass authentication on its portals and gateways to gain unauthorized access. SimpleHelp's flaw hands unauthenticated attackers privileged technician accounts on servers running OIDC, a clean foothold for deeper intrusion. Cisco's SD-WAN Manager flaw escalates an attacker to root, and the LiteSpeed cPanel plugin follows symlinks to corrupt files. Administrators should patch all four now and hunt for rogue accounts and unexpected access.
Sources: The Hacker News · BleepingComputer · CISA Advisories · BleepingComputer
Latest developments: Users found that AMD removed transparent secure memory encryption (TSME) from recent consumer processors in a deliberate, undocumented change, stripping a baseline defense against cold-boot and physical memory attacks.
TSME automatically encrypts system RAM, blocking cold-boot and physical attacks that read memory directly off the chips. Users discovered AMD pulled the feature from recent desktop and laptop processors and said nothing about it. The change leaves consumer machines exposed while pricier server and professional parts keep the protection. Buyers who depend on memory encryption should confirm support before purchasing.
Sources: Ars Technica Security
Latest developments: FIRST raised its 2026 forecast to roughly 66,000 CVEs, well above the year's opening projection, crediting AI tools that now hunt software flaws on their own and find them efficiently.
FIRST, the Forum of Incident Response and Security Teams, now projects 2026 will close near 66,000 disclosed vulnerabilities. The jump traces mostly to AI tools that find software flaws autonomously and at speed. The surge strains triage, patching, and prioritization for defenders already running behind. Security teams should lean on exploit-prediction scoring and KEV data to aim limited remediation effort where attackers actually go.
Sources: Help Net Security
Latest developments: Obsidian Security disclosed three chained flaws that let a default low-privilege LiteLLM account climb to full admin and run code on the host, exposing every model-provider key the gateway holds.
LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface. Obsidian Security chained three bugs that carry a default low-privilege account all the way to admin and code execution on the server. A takeover spills every provider API key the gateway stores along with the secrets behind them. Teams running LiteLLM should update immediately, rotate keys, and lock down the default account.
Sources: The Hacker News
Latest developments: Anthropic said the US government invoked national-security authorities to force the worldwide shutdown of Fable 5 and Mythos 5, the first known use of those authorities against an AI model's export, a lever Washington once reserved for chips and hardware.
Anthropic abruptly suspended worldwide access to Fable 5 and Mythos 5 after a US directive barred foreign nationals from the technology. The company says the order cited national-security authorities and applies them to an AI model's export for the first time. Anthropic disputes the cited basis even as it complies. The move opens a front in AI governance where model capabilities draw the same controls as advanced silicon.
Sources: The Record · Dark Reading
Latest developments: After Google's lawsuit earlier this month, the FBI and Google dismantled Outsider Enterprise, a China-based phishing-as-a-service operation that ran more than 9,000 phishing sites, stole close to 4 million credit cards, and caused roughly $1.9 billion in losses.
Outsider Enterprise sold a phishing-as-a-service kit that blasted scam texts at Americans and harvested payment-card data at scale. Google sued the network in June; now law enforcement and the company have seized its infrastructure of more than 9,000 sites. Investigators tally nearly 4 million stolen credit cards and about $1.9 billion in losses. The operation pairs civil action with seizure to break a high-volume smishing pipeline.
Sources: SecurityWeek
Latest developments: A proposed FCC rule would compel US carriers to store a government-issued ID number and physical address for essentially every phone customer, eliminating prepaid accounts unattached to a named person.
The proposal would tie every phone account to a government ID and a physical address, killing the burner phones that journalists, abuse survivors, and activists rely on for anonymity. Privacy advocates compare the data-retention mandate to surveillance regimes in authoritarian states. The rule would pile sensitive identity records inside telecoms, manufacturing a fresh breach target. Public comment will shape whether it advances.
Sources: Schneier on Security
Latest developments: The Justice Department seized CFAKE.com and SOCFAKE.com, which hosted nonconsensual AI-generated nude images and videos of women, in what appears to be the first publicly announced domain seizure under the TAKE IT DOWN Act.
The two sites manufactured and distributed nonconsensual AI-generated nude imagery of women. The Justice Department's seizure marks the first public domain takedown under the TAKE IT DOWN Act, the law that criminalizes nonconsensual intimate imagery and compels its removal. The action tests whether the young statute can reach deepfake operators. Victims and advocates have pushed for enforcement since the act passed.
Sources: BleepingComputer
Latest developments: Trump and Iran's top negotiator signed a memorandum of understanding Monday, and the Dow closed at a record while oil settled at its lowest since March 4—a concrete advance over Sunday's announcement that the deal was merely complete.
The agreement commits Iran to dismantle its nuclear program and reopen the Strait of Hormuz in exchange for sanctions relief, and a signing ceremony follows Friday. Oil futures slid, average US gasoline dropped below $4 a gallon, and global stocks rallied, though long-term terms still hang unresolved and traffic through the strait could take weeks to recover.
Sources: WSJ Markets · WSJ World News · FT Markets · FT Markets
Tonight: Mostly Clear, low 51F.
Tuesday: Mostly Sunny, high 77F.
Tuesday Night: Mostly Cloudy then Chance Rain Showers, low 58F.
Latest developments: Pittsburgh's Astrobotic faces one final test before launching Griffin, its second lunar lander, which will carry NASA cargo toward a planned moon base aboard a SpaceX rocket.
Astrobotic, the North Side robotics company, built the Griffin lander to deliver NASA equipment to the moon after its first lander, Peregrine, fell short in 2024. The company is finishing checks ahead of liftoff.
Sources: Pittsburgh Post-Gazette
Latest developments: A local study finds the cost of a Pittsburgh wedding runs higher than the national average, KDKA reported.
KDKA's Talk the Talk segment examined why couples marrying in Pittsburgh pay more than the typical American wedding bill.
Sources: KDKA
Latest developments: The National Weather Service confirmed at least three tornadoes touched down across Beaver County and eastern Ohio's Columbiana County from Sunday's storms, with survey teams still assessing EF ratings.
Sunday's severe storms spawned tornadoes and toppled trees across Western Pennsylvania, blocking roads in Ambridge, ripping a machine shed from a Butler County farm, and cutting power to thousands. Cleanup ran through Monday in Beaver County and Elizabeth Township.
Latest developments: Part of the Parkway North fully closes later this week for demolition of the Jacks Run Road Bridge, after equipment problems postponed Monday night's planned start.
Crews will tear down the Jacks Run Road Bridge over the Parkway North, forcing a complete closure of a stretch of the highway and pushing drivers onto detours.
Sources: KDKA
Latest developments: Park Street Deli recalled its Macaroni & Cheese sold at Aldi nationwide over an undeclared allergen, more than 500,000 packages in all.
The recall covers Park Street Deli Macaroni & Cheese stocked at Aldi stores; the product contains an allergen the label failed to declare. Shoppers should check packages and return affected products.
Sources: WTAE
Latest developments: Forecasters call for dry, comfortable weather through midweek before rain returns Wednesday night and Thursday brings an Impact Day for rain and storms.
Western Pennsylvania settles into pleasant conditions early in the week, then turns wet as a storm system arrives Thursday.
Sources: WTAE
Pirates (36-36)
Sun Jun 14 · Marlins 4 · Pirates 2 · Final
Meyer outduels Skenes, allows one run in six innings as Marlins top Pirates 4-2
Up Next · Pirates @ Athletics · Mon Jun 15, 9:40 PM
Latest developments: Post-Gazette columnist Noah Hiles argued the Pirates must repair their bullpen now or watch it sink the season, and the team called up No. 7 prospect Antwone Kelly to add relief help.
Pittsburgh's relief corps has faltered down the stretch of close games. Hiles pointed at manager Don Kelly and general manager Ben Cherington as the bullpen drags on the club; the Pirates promoted right-hander Antwone Kelly from the minors to shore it up.
Sources: Post-Gazette Pirates · Post-Gazette Pirates
Latest developments: A Not Just Football short called Nick Herbig's new contract '20 years in the making,' and a Post-Gazette video weighed whether the Steelers can build a defensive core around Herbig and cornerback Joey Porter Jr.
The Steelers signed edge rusher Nick Herbig to a new deal, and the beat discussion turned to whether he and Porter Jr., both young, can anchor the defense as the roster turns over.
Sources: Not Just Football with Cam Heyward · Post-Gazette Steelers
Latest developments: In Steelers media shorts, quarterback Drew Allar described what he takes from veteran Aaron Rodgers and reflected on the just-finished offseason program.
Allar, the young Steelers quarterback, talked about studying Rodgers's approach and his own work through spring practices as the team closed its 2026 offseason program.
Sources: Pittsburgh Steelers (YouTube) · Pittsburgh Steelers (YouTube)
Latest developments: Post-Gazette's Off The Bat drew six lessons from the Pirates' six games against the Dodgers and Braves, baseball's top teams.
The column assessed how Pittsburgh stacked up against elite competition, touching on the rotation behind Paul Skenes and Mitch Keller and the lineup's gap against the league's best.
Sources: Post-Gazette Pirates
S&P 500 7,377.03 ▼ -2.2%
Dow 50,725.58 ▼ -0.7%
Nasdaq 25,695.30 ▼ -3.8%
WTI crude 88.42 ▼ -5.0%
EUR/USD 1.1556 ▼ -0.4%
GBP/USD 1.3386 ▼ -0.3%
USD/JPY 160.23 ▲ +0.2%